a4f6689768da68bb45ca8652e2b9623f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a4f6689768da68bb45ca8652e2b9623f_JaffaCakes118
Size

10KB
MD5

a4f6689768da68bb45ca8652e2b9623f
SHA1

5303a7a08e201cc5a499b405ac260ed80c801ce3
SHA256

e8872e6725580d8b0a9a25236d69b6d0fb0609273ce72b459f82a8937ede1fdc
SHA512

d29a184f52052e316bc5e746a835648c7ba9f6b2a5b62e29be25139ed1d4e91f432936a6523d08cc6d9682c674d515cb4a2fa858683a8c80ed4711599fa16961
SSDEEP

192:+7PxGo5UIo5nrVqud790ZdFKdcIqxU6yg2Tl5lEvjy:+z15QrleK5q+gYl54jy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a4f6689768da68bb45ca8652e2b9623f_JaffaCakes118

Files

a4f6689768da68bb45ca8652e2b9623f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0ee08e03ff1be16c1ffa5c428d6c7407

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
EnumResourceTypesA
ExitProcess
GetCPInfoExW
GetProcessHeap
GetProfileSectionA
InterlockedCompareExchange
LocalCompact
MapViewOfFile
OpenFileMappingA
SetComputerNameA
SetConsoleCursorInfo
SetLocaleInfoA
SetThreadContext
SuspendThread
VirtualFreeEx
WriteConsoleW
WriteProfileStringA

advapi32

AddAce
AdjustTokenGroups
ChangeServiceConfigA
CryptDuplicateKey
CryptEnumProviderTypesW
CryptImportKey
CryptSetKeyParam
GetMultipleTrusteeA
GetMultipleTrusteeOperationA
GetOverlappedAccessResults
ImpersonateSelf
MapGenericMask
OpenEventLogA
ReadEventLogW
RegOpenKeyExW
SetFileSecurityW
SetSecurityInfoExW

gdi32

AngleArc
BeginPath
CreatePen
DeviceCapabilitiesExA
DrawEscape
EnumFontFamiliesW
EnumICMProfilesA
FillRgn
FrameRgn
GetColorAdjustment
GetEnhMetaFileDescriptionW
GetGraphicsMode
GetPixel
GetROP2
GetRasterizerCaps
GetTextCharset
IntersectClipRect
SetPixel
SetTextCharacterExtra
TranslateCharsetInfo

Sections

.text
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE