affbdab3082339ee530221af9b15fca8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

affbdab3082339ee530221af9b15fca8_JaffaCakes118
Size

42KB
MD5

affbdab3082339ee530221af9b15fca8
SHA1

caafcbb9c03ddbba8cbbcfbe68c6dc4fcfd77c9e
SHA256

63a98d91fa1c37ee676033d6d0736d09bb1c2503790b462148647c58daa8d70e
SHA512

9a6341c6e56ea9938bf811bf41e2b754356ad3d69b1f9d5f93e2022bfcc1025d71e1edd775844f4fd910d84e700c92cb6953ed2e7464e3a22e7bb476b501a25d
SSDEEP

768:+0LDuy+l0JV3qbpeuN/KkIhY+KBG1hEsVq6OUp9Iosf6lkIzzN+bDk9fbPY9:NLDuy+mJVgpeBJ/zEvOI3ilkohB9fbPM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
affbdab3082339ee530221af9b15fca8_JaffaCakes118

Files

affbdab3082339ee530221af9b15fca8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

349fda8cb6ec90eb811cc1af31b6354a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumSystemCodePagesW
EscapeCommFunction
ExitProcess
FoldStringA
FoldStringW
GetLastError
GetSystemTime
GetVersion
GlobalDeleteAtom
GlobalUnlock
HeapReAlloc
LoadModule
ResetWriteWatch
SetCommMask
SetConsoleScreenBufferSize
SetMailslotInfo
SleepEx
SystemTimeToTzSpecificLocalTime
WriteConsoleOutputCharacterA
lstrcpyn

advapi32

BuildExplicitAccessWithNameA
BuildTrusteeWithNameA
CloseEventLog
CreateServiceW
CryptDestroyHash
CryptEnumProviderTypesA
CryptEnumProviderTypesW
DeleteAce
GetMultipleTrusteeOperationA
GetNamedSecurityInfoExW
OpenProcessToken
RegConnectRegistryA
RegEnumKeyW
RegEnumValueA
RegQueryValueA
SetNamedSecurityInfoW

gdi32

CreatePolyPolygonRgn
EnumFontFamiliesExA
EnumFontsA
EnumMetaFile
FillPath
GetCharWidth32A
GetLayout
GetPaletteEntries
PlayMetaFileRecord
ScaleViewportExtEx
SetBkColor
SetICMProfileW
SetLayout
SetStretchBltMode
SetTextColor
TranslateCharsetInfo

Sections

.text
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE