bd71679346ac67e76c08eb57353c5bdc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bd71679346ac67e76c08eb57353c5bdc_JaffaCakes118
Size

41KB
MD5

bd71679346ac67e76c08eb57353c5bdc
SHA1

aceffa67e814370ef20ac4a307fb2c46bcb03411
SHA256

79ae594d344315331187668328b4285044f5d689e1b32de4bb2210ddf55774ba
SHA512

087259e6c3967dc93f67e9b506cff91f2caf5b8bad26e57fcaf39454e2f2034a8404fcbf4d231208214bd2413014c5dc4008761ea3fd44a79adbca23de025967
SSDEEP

768:RTs2W4y35UvopJGxEZiDzFQBLcdT7eUSKCBLyilGot66t+L:RTs2WzUApJGxyiDUL+DGyy3t6DL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd71679346ac67e76c08eb57353c5bdc_JaffaCakes118

Files

bd71679346ac67e76c08eb57353c5bdc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ccb85729d87bcc202723fa65d64f1627

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CallNamedPipeW
ConvertDefaultLocale
CreateEventA
ExitProcess
GetHandleInformation
LocalFlags
QueryDosDeviceW
lstrcmpiW

advapi32

AdjustTokenGroups
OpenThreadToken
RegCloseKey
RegConnectRegistryW
RegEnumKeyW
RegEnumValueA
RegQueryInfoKeyA
RegSetValueW
SetFileSecurityA

shell32

CheckEscapesA
CommandLineToArgvW
DragQueryFileAorW
SHAddToRecentDocs
SHGetDesktopFolder
SHGetSpecialFolderPathW
SHQueryRecycleBinA
SheChangeDirExW
SheFullPathW
SheSetCurDrive
ShellExecuteW

gdi32

AbortPath
ChoosePixelFormat
CreateFontIndirectW
CreatePalette
EndDoc
EnumFontsA
FloodFill
FrameRgn
GetDeviceCaps
GetGlyphOutlineW
GetMetaFileW
SetMapMode
SetPaletteEntries
SetViewportExtEx

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 38KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE