a7948ef3cbda520233cd6dda8864e18d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a7948ef3cbda520233cd6dda8864e18d_JaffaCakes118
Size

57KB
MD5

a7948ef3cbda520233cd6dda8864e18d
SHA1

7ae8b53591be9fc3a2b2b4a6db235c1e71054076
SHA256

e177698624ea54ad1929bef2e28e76060ce4bce5ebd8ba80536c86a8b2918b4b
SHA512

7f1bcda3ffaf92cb3db56a467b49ff2cde306f0977014c6a271f290565b37989d35ac9e30c7618864577ccbf19e4ec845d398557d59f4a382270c21c9f79fc4b
SSDEEP

1536:cejTpSRkEKp5nOwCPaEg55deJdUFbWVHS0YoZ1Rqk:c2lECgg5PIMxm13

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a7948ef3cbda520233cd6dda8864e18d_JaffaCakes118

Files

a7948ef3cbda520233cd6dda8864e18d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e2ad173bab53a5aa1ee9e77eb1366ae3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetClipboardData
LoadCursorA
EndDialog
SetProcessWindowStation
PeekMessageA
GetDlgItem
OpenDesktopA
GetMessageA
GetClassNameA
SetThreadDesktop
ExitWindowsEx
CloseDesktop
CloseWindowStation
OpenWindowStationA
GetIconInfo

kernel32

GetModuleFileNameW
LoadLibraryA
VirtualAlloc
InitializeCriticalSection
VirtualProtect
GetModuleHandleA
lstrlenW
CloseHandle
FindNextFileW
lstrlenA
GetAtomNameW
lstrcatW
lstrcmpiA
HeapReAlloc
CreateProcessW
GetCommandLineA
GetVersionExW
GetModuleFileNameA
MultiByteToWideChar

shlwapi

wnsprintfA
wnsprintfW
wvnsprintfW
PathFileExistsW
StrStrW
PathRemoveFileSpecW
SHDeleteKeyA
PathMatchSpecW
wvnsprintfA
PathCombineW
StrCmpNIW
PathFindFileNameW

advapi32

CryptReleaseContext
CryptHashData
RegCloseKey
CryptGetHashParam
DuplicateTokenEx
RegCreateKeyExA
RegSetValueExA
RegEnumKeyExA

Sections

.text
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 136B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE