b8a1afc186d7bb7db05b80c01544c4cf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b8a1afc186d7bb7db05b80c01544c4cf_JaffaCakes118
Size

19KB
MD5

b8a1afc186d7bb7db05b80c01544c4cf
SHA1

9cd4a2086d87f2fad05f557faf6f02c02c030333
SHA256

c136ee19b8291e574519ae913a1fbfadd676e2073fd079f74a622e18b7d80a45
SHA512

c46b1cd30ae6cbb4d74881b60a71667c34c78fff4f86cc5480bf37f21ce659a6d887a732997a6bd9884ed1513053482db43e2e608c7936cb49e8d7c1a4b77931
SSDEEP

384:mKBXZnz+zzu7gZYRtDRSOlrZKIR+povmcHM8oouG4oP:3BpnqzzEtDRSQVNRvBs8Hu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8a1afc186d7bb7db05b80c01544c4cf_JaffaCakes118

Files

b8a1afc186d7bb7db05b80c01544c4cf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cb2486dddecb38f1f4c642ae62991c7b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
FindFirstFileW
GetBinaryTypeW
GlobalUnlock
HeapDestroy
LocalCompact
ResetWriteWatch
RtlUnwind
SetFileApisToANSI
SetSystemTimeAdjustment

advapi32

GetCurrentHwProfileW
InitializeAcl
OpenBackupEventLogA
OpenThreadToken
QueryServiceConfigA
SetNamedSecurityInfoExA
StartServiceA

user32

CharLowerBuffA
DrawCaptionTempW
GetClassLongW
InsertMenuItemA
LoadCursorFromFileA
MapVirtualKeyA
SetClipboardViewer

shell32

DuplicateIcon
ExtractAssociatedIconExA
ExtractIconA
SHEmptyRecycleBinA
SHFileOperationA
SHGetSpecialFolderPathA
SHInvokePrinterCommandW

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 17KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE