bb4593e662c5492a4739c6a6c01de786_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bb4593e662c5492a4739c6a6c01de786_JaffaCakes118
Size

38KB
MD5

bb4593e662c5492a4739c6a6c01de786
SHA1

9b17de83b6aaa6c5f9e4ae175a255da3d8638b75
SHA256

0603cfb1bf472ffc42f0fc18108a97a485a73263d6f96474977b3f843241db92
SHA512

8e53973d160c3cb905641e4ad39bf7dbf8e562da8ff2d7b8086ae954970017316442e34691ceb231ff464c5281e998b9b1b6739e772b2eb8fbb3b269c2cca7d1
SSDEEP

768:cMhYumn+kANlOGwwqysIOwNBHYN28La5qNWlglObo6W19LHFel3E:XGunNlJqys/w/b8LayW6yZoRe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb4593e662c5492a4739c6a6c01de786_JaffaCakes118

Files

bb4593e662c5492a4739c6a6c01de786_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4c7e278149a954387274ad8920752bc4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringA
CreateIoCompletionPort
DeleteFileW
ExitProcess
GetCurrentDirectoryA
GetProcAddress
GetProcessShutdownParameters
GetWriteWatch
OpenSemaphoreW
OutputDebugStringA
TransmitCommChar
VirtualQueryEx

advapi32

AccessCheckAndAuditAlarmW
BuildTrusteeWithNameW
ConvertSecurityDescriptorToAccessA
GetAuditedPermissionsFromAclW
GetMultipleTrusteeA
GetNamedSecurityInfoExA
ObjectCloseAuditAlarmW
OpenBackupEventLogW

user32

CheckMenuItem
ClipCursor
CopyAcceleratorTableA
CopyIcon
CreateCursor
DlgDirSelectComboBoxExA
IMPQueryIMEW
SetClassLongW
SetMessageExtraInfo
TabbedTextOutW

gdi32

CreateEllipticRgnIndirect
GetCharABCWidthsFloatA
GetCharWidthFloatW
GetDIBits
GetTextFaceA
PatBlt
Pie
PlgBlt
SetTextCharacterExtra
SetWindowOrgEx
UpdateICMRegKeyA

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 35KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE