aefcaf83886a31f8a4e4057bd1a20c90_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aefcaf83886a31f8a4e4057bd1a20c90_JaffaCakes118
Size

54KB
MD5

aefcaf83886a31f8a4e4057bd1a20c90
SHA1

a80dd74c72741de37be453df67825beb37eaa44f
SHA256

10860365fe9b8fb482e047b79640317bcd1faa906d2048d412ca67f8379df5cd
SHA512

6ece6f1706e220efe32c74eba95942c46ee53c79255f2ab2af44d6281e77bda91685dd48b3ea1a5603621498bf31cd41435763f1340932031beb89ce2e700b84
SSDEEP

768:2xkIH66jb/tkjXTh+oB8JNi2cdBlKJM2FNPsf4TxiAxoi8w+L9vcMsWLpKytl2a9:lIDjjtiDh+DJc2cZi7PnzIJccLYyCAH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aefcaf83886a31f8a4e4057bd1a20c90_JaffaCakes118

Files

aefcaf83886a31f8a4e4057bd1a20c90_JaffaCakes118
.exe windows:4 windows x86 arch:x86

16bbe5f51884b574549bfb2d89dedc48

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BackupRead
CreateTapePartition
ExitProcess
FindNextFileW
GetCurrentDirectoryW
GetEnvironmentStrings
GetTempFileNameA
GetTickCount
HeapDestroy
LCMapStringW
ReadFileScatter
SetFileApisToOEM
UnmapViewOfFile
WriteFileGather

advapi32

CreateProcessAsUserA
CryptAcquireContextW
CryptEncrypt
CryptEnumProvidersW
DuplicateToken
GetAccessPermissionsForObjectA
GetMultipleTrusteeOperationA
GetNamedSecurityInfoExA
LookupPrivilegeDisplayNameW
MakeAbsoluteSD
QueryServiceConfigW
RegLoadKeyW
RegRestoreKeyA
RegUnLoadKeyW

user32

ChangeClipboardChain
DdeGetData
DdeKeepStringHandle
DlgDirSelectComboBoxExA
GetCapture
GetKeyboardLayoutNameA
LoadBitmapA
OpenClipboard
PeekMessageW
RegisterHotKey
SendDlgItemMessageA
SendNotifyMessageA
SetCapture
SetMessageExtraInfo

shell32

DllGetClassObject
ExtractIconExW
ExtractIconResInfoW
FindExeDlgProc
InternalExtractIconListA
SHGetDiskFreeSpaceA
SHGetFileInfo
SHGetMalloc
SheChangeDirExA
SheGetDirW
ShellExecuteExW

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 50KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE