Static task
static1
Behavioral task
behavioral1
Sample
ad462aea45e49ab9bc8b514560dcce20_JaffaCakes118.exe
Resource
win7-20240729-en
General
Target
ad462aea45e49ab9bc8b514560dcce20_JaffaCakes118
Size
9KB
MD5
ad462aea45e49ab9bc8b514560dcce20
SHA1
9e95db836b1411d58120bd2a39dcb20e60c0ebb1
SHA256
94bfdfef0faac4de654989fa06113366845935bb624a3f66871f34e520e428d7
SHA512
39521a822d4053872adfe53f8c80b1b53b17a9c25d0c27b3bb10a931e9d7ea1125119e604ed98f90c9d8a4c13275ff03ffbfa03a1e2ae544282fcd2d4adf611c
SSDEEP
192:+u7iB7fZlXF0f4dtZ14LRzO1n6VqX9n35lY:+u+BDe4dtZaBOt6Vqtn3
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource ad462aea45e49ab9bc8b514560dcce20_JaffaCakes118
Files
ad462aea45e49ab9bc8b514560dcce20_JaffaCakes118.exe windows:4 windows x86 arch:x86
794c873931b16911b9caa642460a2026
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
DebugBreak
DefineDosDeviceW
DuplicateHandle
ExitProcess
GetCPInfoExA
GetEnvironmentStringsA
GetFullPathNameA
GetOEMCP
GetProcessHeaps
GetProfileSectionA
GetTempFileNameA
GlobalReAlloc
HeapCompact
OpenMutexA
ReadConsoleOutputCharacterA
SetConsoleCursorInfo
SetConsoleOutputCP
SetErrorMode
SetHandleContext
WaitNamedPipeW
advapi32
ConvertAccessToSecurityDescriptorW
CryptSetProviderA
GetEffectiveRightsFromAclA
LookupSecurityDescriptorPartsW
MakeAbsoluteSD
RegOpenKeyExW
RegSaveKeyA
RegUnLoadKeyA
RegisterServiceCtrlHandlerA
ReportEventA
gdi32
ChoosePixelFormat
CreateDIBPatternBrushPt
CreateMetaFileA
GetEnhMetaFileDescriptionW
GetFontLanguageInfo
GetKerningPairs
GetLayout
GetMapMode
GetRandomRgn
GetTextExtentExPointW
SetDIBColorTable
UpdateColors
Sections
.text Size: 512B - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 7KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE