a3e8d2185a4c5db02690f29e62d86829_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a3e8d2185a4c5db02690f29e62d86829_JaffaCakes118
Size

25KB
MD5

a3e8d2185a4c5db02690f29e62d86829
SHA1

8a11db8d8ff6331582c14bbe31cfa62e8800a8eb
SHA256

7989a4b13ae8f11923b1d96eb2933d3632deef2553b69a74ba2b81b8a2ec17e3
SHA512

22e96d53bdcdf60c4ed8b8dc520384bf31afc3210c0ae7e3d5e37b5978a9392838ac5918466ba7d0cd72b7dd83f58a6a63036798f8b24fee33912db0b58bcebc
SSDEEP

384:Y2FhmiduG/jUqVTXnTJrEUGoYQqQ7L4xcnzwP2/EBZlHUwL1Fni4RIKj0aibG:jhXzjUqlrEWDT6cnzOwg0u1Bi42VbG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a3e8d2185a4c5db02690f29e62d86829_JaffaCakes118

Files

a3e8d2185a4c5db02690f29e62d86829_JaffaCakes118
.exe windows:1 windows x86 arch:x86

e2c69898e19633e9830253504d1e2896

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

ElfDeregisterEventSource
CryptGetKeyParam
FindFirstFreeAce
GetSecurityDescriptorDacl
GetTokenInformation

kernel32

ClearCommBreak
ConvertThreadToFiber
CreateEventA
CreateMutexA
DefineDosDeviceA

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE