b4aca2e6f04bcd9e4be804a3f15ae6c2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b4aca2e6f04bcd9e4be804a3f15ae6c2_JaffaCakes118
Size

39KB
MD5

b4aca2e6f04bcd9e4be804a3f15ae6c2
SHA1

df559045afd27814d5b8a8c7c6887330288da45f
SHA256

125722861bc220ff24a099a27259c2c4bdb62e73d9f1a817c535148480d718ad
SHA512

8e4a8f11cde777e76f301a6dca7814e92d01110bb88fa073d10d1c34df94ca35d21a8b221c1835da9fe489801e4d5564cc7c68ae548e8d81405edc7c7ead57f0
SSDEEP

768:+O0t9yeoOkwYszo5Rq8FV2O9Gvkoh3Vp5ChPhOlwZsM2Ni8t:+t0rwvaRq8FV2O9GtVp5Cml+uNLt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b4aca2e6f04bcd9e4be804a3f15ae6c2_JaffaCakes118

Files

b4aca2e6f04bcd9e4be804a3f15ae6c2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

97221e9ca0f9ac97dd92827be7765d1d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetModuleFileNameA
GetSystemDefaultLCID
GlobalUnWire
GlobalUnfix
LocalFileTimeToFileTime
OpenFileMappingW
SetCommBreak
SetFileApisToANSI
SetThreadContext
WriteConsoleOutputCharacterW

advapi32

BuildTrusteeWithNameW
ClearEventLogA
ConvertSecurityDescriptorToAccessNamedW
CryptGenRandom
DestroyPrivateObjectSecurity
EnumServicesStatusW
GetAuditedPermissionsFromAclA
GetLengthSid
GetTrusteeNameW
ImpersonateLoggedOnUser
RegCreateKeyA
StartServiceCtrlDispatcherA

user32

ArrangeIconicWindows
CharToOemA
CharUpperA
CreateWindowExA
DdeAccessData
DdeFreeDataHandle
DestroyIcon
DrawIconEx
GetClassInfoA
GetMenuContextHelpId
GetMessagePos
GetMonitorInfoA
GetWindowDC

Sections

.text
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE