afea48d5e5c06c6fb9998358c7332649_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

afea48d5e5c06c6fb9998358c7332649_JaffaCakes118
Size

66KB
MD5

afea48d5e5c06c6fb9998358c7332649
SHA1

bc476adbf173f7803aa58822b82c46bc0be7848d
SHA256

d50ca68fc6861ff64a6c72e6785aea6a8f9b47c7f3c813923f9b8b2c9cbf67bd
SHA512

fc29e78b27594a9aeaa705ea653f867915614528d849bad168661584285c36cdb98d3b063351523435601360c5103a16172b4e4d227942e04a41336bd47cba13
SSDEEP

1536:6QHQLBwp0yaBT/JvUAu4pQHeTiWXUvEoDmWQ4p0F:NBp0tT/tUxGQiizMoDmWQF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
afea48d5e5c06c6fb9998358c7332649_JaffaCakes118

Files

afea48d5e5c06c6fb9998358c7332649_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f7d9c4fe2746374675d572cc6bd17b5f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AddAce
ReadEventLogW
CryptGenKey
PrivilegeCheck
CryptSetHashParam

kernel32

Beep
CreateSemaphoreW
EndUpdateResourceW
CopyFileExW
GetACP
GetDriveTypeW
GetExitCodeThread

user32

GetCursor
GetAsyncKeyState
GetProcessWindowStation
MapDialogRect
SetMenu
SetClipboardData

Sections

.text
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE