Static task
static1
Behavioral task
behavioral1
Sample
a87d0c53817e9edad2d7b18a234cb806_JaffaCakes118.exe
Resource
win7-20240729-en
General
Target: a87d0c53817e9edad2d7b18a234cb806_JaffaCakes118
Size: 203KB
MD5: a87d0c53817e9edad2d7b18a234cb806
SHA1: a3e040934a07662d8d4063e8a7e22a2dc17e2f4e
SHA256: b7393a6ff2b5a0de290b684f4f10ff4397bef09833f2abc8f455b4b905648c79
SHA512: 1b5944e9d51a84897d203cfb14d1d8559933d4d02e7952efffc7c853342b24438ffa8d55d500d7c611330722ce631df4c2185871de4e37c1adea0039e7fd68df
SSDEEP: 3072:wntjEZtiyHu0MWcf+AzfDMVEt5H7lur1xeq3EZzLaYsS+oNb/M:KEZTHOz1MU7l6zXWzLa7S++/M
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource a87d0c53817e9edad2d7b18a234cb806_JaffaCakes118
Files
a87d0c53817e9edad2d7b18a234cb806_JaffaCakes118.exe windows:4 windows x86 arch:x86
3392dd962d43bf9a2473f2426342becf
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
TlsSetValue
GetLocaleInfoA
HeapReAlloc
OutputDebugStringW
GetStringTypeW
OutputDebugStringA
EnumSystemLanguageGroupsW
LCMapStringW
LCMapStringA
IsValidCodePage
WriteConsoleW
DebugBreak
CompareFileTime
GetTimeZoneInformation
GetStringTypeA
GetCPInfo
shell32
SHGetMalloc
SHChangeNotify
SHGetPathFromIDListW
winmm
sndPlaySoundA
advapi32
QueryServiceStatus
GetSecurityDescriptorLength
AddAce
GetUserNameA
DuplicateTokenEx
IsValidSecurityDescriptor
SetSecurityDescriptorOwner
PrivilegeCheck
LookupAccountSidA
InitializeSecurityDescriptor
RegOpenKeyExW
shlwapi
PathAddBackslashW
oleacc
CreateStdAccessibleObject
CreateStdAccessibleProxyA
Sections
.text Size: 83KB - Virtual size: 83KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 125KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 117KB - Virtual size: 116KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ