a6ac47e5dca8427772bc30eff4db66ee_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a6ac47e5dca8427772bc30eff4db66ee_JaffaCakes118
Size

67KB
MD5

a6ac47e5dca8427772bc30eff4db66ee
SHA1

25454f1a919423698074b6d9526154d5e938690b
SHA256

dcd8ca5111092be699c91c717c3569e0be7bd0fd9171e9bfc26d4a48987dd897
SHA512

bec81045e00b4d0677f26f712e2778c3f88827c7235eb9b6805faa031099f3fbb78002c5423fda3b6cc1f7d5e59cbe86a1cf488c52f7deef790329b71848633f
SSDEEP

1536:6Zor1XUhB+jAocXwbt/wnKe9cBOHi6WdA92Z+Y7YRext:bGBHocXk/EJ9uO3cAEZxYIL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a6ac47e5dca8427772bc30eff4db66ee_JaffaCakes118

Files

a6ac47e5dca8427772bc30eff4db66ee_JaffaCakes118
.exe windows:4 windows x86 arch:x86

54dc8abbe56566a77d7248cef74c8ae5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrCmpNIA
wnsprintfA
SHDeleteKeyA
PathCombineW
wvnsprintfA
StrCmpNIW
wnsprintfW
PathRemoveFileSpecW

advapi32

CryptHashData
RegCreateKeyExA
RegEnumKeyExA
CryptReleaseContext
CryptGetHashParam
RegDeleteValueA
CryptCreateHash
CryptDestroyHash
RegSetValueExA
DuplicateTokenEx
RegCloseKey
CryptAcquireContextW
GetUserNameW

kernel32

ExpandEnvironmentStringsW
VirtualAlloc
InitializeCriticalSection
LeaveCriticalSection
CreateMutexW
MulDiv
GetLocalTime
CreateFileA
WaitForSingleObject
GlobalLock
GetFileAttributesA
GetModuleHandleA
GetCommandLineA
FindClose
lstrlenW
VirtualProtect

user32

LoadCursorA
MsgWaitForMultipleObjects
CloseDesktop
GetKeyState
GetWindowTextA
GetForegroundWindow
DrawIcon
DispatchMessageA
GetMessageA
GetIconInfo
OpenDesktopA
PeekMessageA
GetWindowThreadProcessId
ToUnicode
GetClipboardData
SendMessageA

Sections

.text
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE