c86344411b9d83311b9c4a2aa279e5c3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c86344411b9d83311b9c4a2aa279e5c3_JaffaCakes118
Size

60KB
MD5

c86344411b9d83311b9c4a2aa279e5c3
SHA1

5001c9f61c660b4819b1ee05d8c06bc2cd87fef6
SHA256

8437a7b1dbe51c342e6c9f2d46216bd3fa7c6228522da85e4eb8f7224b453135
SHA512

df757f8c16ebb032d4c4d41619de3e340960b21abc4de89e7846cdd7eff5c8780daf2e2e757fee30a2492f3a1b1163f2c1f066f663c430e07c081e09e4f3b123
SSDEEP

1536:7g9gm5kK5+nJHdzsSx/M6KbNw57j2hMbfYUgbuummmpn:ocJ9zFxvAkwU6uJn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c86344411b9d83311b9c4a2aa279e5c3_JaffaCakes118

Files

c86344411b9d83311b9c4a2aa279e5c3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1ed984c1703c76fefebac3314a8b6d33

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

WaitForSingleObject
ReleaseMutex
ReadFile
CreateProcessA
GetSystemTime
LoadLibraryExA
GetSystemTime
WriteProcessMemory
LoadLibraryExA
VirtualProtect
GetProcAddress
LoadLibraryA
VirtualProtect
GetProfileIntA
SetThreadPriority
LoadLibraryExW
LoadLibraryExW
TerminateProcess
LoadLibraryExA
SleepEx
ReadFile
GetStartupInfoA
VirtualProtectEx
GetStartupInfoW
WriteProcessMemory

credui

CredUIInitControls
CredUIInitControls
CredUIParseUserNameA
CredUIReadSSOCredA
CredUIParseUserNameA
CredUIParseUserNameA
CredUIParseUserNameA

Sections

.text
Size: 51KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mesia
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mesia
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mesia
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mesia
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ