b1f6ab9e7f57fb2c7b5da60612916757_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b1f6ab9e7f57fb2c7b5da60612916757_JaffaCakes118
Size

227KB
MD5

b1f6ab9e7f57fb2c7b5da60612916757
SHA1

95b9d58eebb918d0c54e6843ff42d205a4d999d3
SHA256

7f1d74924f573bcea21bb884a71b13c8eb7523469111daff236772fb2b3da90f
SHA512

265c1a94dd9b1f6656afa0f5dea45a111484bfb444417dcb0ea391d7913c1a4345f51b9da7f056ab5befbae1e96110b26599a810f72399b1bd803037560a35cb
SSDEEP

3072:zK5JnbsHnAxn0rp8mWwQ1D+VAhUzFOGwZWLcIVeQ0ZQ0r6+IFzP6:uXYH4n02CQ1D+iaR0EII30X6z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b1f6ab9e7f57fb2c7b5da60612916757_JaffaCakes118

Files

b1f6ab9e7f57fb2c7b5da60612916757_JaffaCakes118
.exe windows:4 windows x86 arch:x86

769d946899897ce734406bae24d023a6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

ConnectNamedPipe
CreateSemaphoreA
DosDateTimeToFileTime
ExitProcess
FindCloseChangeNotification
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetOEMCP
GetProfileSectionW
GetWriteWatch
HeapWalk
OpenProcess
ReleaseSemaphore
SetCalendarInfoA
WaitForMultipleObjects

advapi32

CryptGetDefaultProviderW
CryptSetHashParam
DeleteAce
FreeSid
GetAclInformation
GetPrivateObjectSecurity
LookupSecurityDescriptorPartsW
MakeSelfRelativeSD
RegNotifyChangeKeyValue
RegRestoreKeyA
SetServiceBits

user32

CheckMenuItem
ClipCursor
CreateMDIWindowW
DdeCreateDataHandle
DrawTextA
GetFocus
IsMenu
LoadImageW
SetMenuDefaultItem
SetMessageExtraInfo
SwapMouseButton

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 223KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ