a7869de259c42fe451e2297a83a55ae4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a7869de259c42fe451e2297a83a55ae4_JaffaCakes118
Size

88KB
MD5

a7869de259c42fe451e2297a83a55ae4
SHA1

6a47f31f817ee8c889b84a508f04b54b6dae9f5c
SHA256

c3d1c352acb2dc7c3d43cc1cc33db6803ed95963ebdf8008dc1f19175985d583
SHA512

084becdc8da592b0aecda1089a2245d0681bb29056f2f2d986fce2099271ce423d4630ae4615236c3a278c58574028e3c2bebbcecdc7fcede0946b2ee4890fa1
SSDEEP

1536:KJmwsv/RHI0dc+sUN8ZftsOFCaJdtcINzoWw:K4hhHI0dc+sUOL5XIIeWw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a7869de259c42fe451e2297a83a55ae4_JaffaCakes118

Files

a7869de259c42fe451e2297a83a55ae4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

511f4e420715b5b5263734c2324a0477

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResetEvent
GetModuleHandleA
GetLastError
TlsGetValue
GetCommandLineA
CloseHandle
LocalFree
FreeConsole
GetDateFormatA
GetDiskFreeSpaceExA
CancelIo
FindClose
GetDriveTypeW
VirtualProtect
IsBadReadPtr
SetLastError
LoadLibraryExW
IsBadStringPtrA
DeleteCriticalSection
EnumResourceTypesA

advapi32

FreeSid
GetFileSecurityA
AccessCheck
CloseEventLog
LsaClose
IsValidSid
OpenEventLogA
LsaSetSecret
RegCloseKey
RegLoadKeyA
CloseTrace
RegCreateKeyExA
LsaFreeMemory
RegCloseKey

osuninst

RemoveUninstallImage
ExecuteUninstall
IsUninstallImageValid
GetUninstallImageSize
ProvideUiAlerts

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE