c7dce923ececfc0c8f5002d87c8051dd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c7dce923ececfc0c8f5002d87c8051dd_JaffaCakes118
Size

56KB
MD5

c7dce923ececfc0c8f5002d87c8051dd
SHA1

c160615becff2171ccca8cb4b96ee8d12e44642c
SHA256

b998687348cca71508fe4f455ee8b89572086b699e6e296ffe0c866766de7599
SHA512

325dcdf60ef2b1bc0bbc5bc970236c18770af7273bf74da1f5298ee837da26de7f350339a395616c5225a1179063b323dfb24e6c954caa4d89e14adbd0c94791
SSDEEP

768:HdRv+ccetAuSKZMDbV2GF3+4sCT8mO2atUFT3zCYNDn7AyUiKEerTa2CnOC94IFZ:HXTZA2+3fT8caK/DD3KRrNZlL3W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c7dce923ececfc0c8f5002d87c8051dd_JaffaCakes118

Files

c7dce923ececfc0c8f5002d87c8051dd_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7ab0cbec3f8cfc0adad96d9da59a4b86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptDuplicateHash
GetTokenInformation
ReadEventLogW
InitializeSid
CryptDestroyHash

gdi32

SetLayout
BeginPath
GetNearestPaletteIndex
SetAbortProc
DeleteEnhMetaFile

kernel32

GetLastError

Sections

.text
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jhpl
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 424B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ