cfa046c03939e2c73c79a78df3203f64_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cfa046c03939e2c73c79a78df3203f64_JaffaCakes118
Size

75KB
MD5

cfa046c03939e2c73c79a78df3203f64
SHA1

6e80416dc064ce1642185de84667f6d7e5c30734
SHA256

e49e8a7389604a0b4c685a2df6a6d518b615ced243f4577f84eccc30ae738e54
SHA512

8d635d95f461d610b18a949b2f6407e368109d7323ec9c959ff0e5c8829b7dc6a42e951c296c7f270fa15bd7fbd47b6a45b964baa42d7f0749d2ff46f6bc86f4
SSDEEP

1536:NX1pGSJZIByJMmfvxES9UwQ0/e8Q31VU:VySfIByJBZ9UwQUQ31V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cfa046c03939e2c73c79a78df3203f64_JaffaCakes118

Files

cfa046c03939e2c73c79a78df3203f64_JaffaCakes118
.exe windows:4 windows x86 arch:x86

98e2354cc48064aebea2f08dc2706377

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExA
RegOpenKeyExA
AllocateAndInitializeSid
FreeSid
CheckTokenMembership
RegCloseKey
RegSetValueExA

user32

GetDesktopWindow
wsprintfA
GetWindowRect

ole32

StringFromGUID2
CoCreateGuid

ws2_32

WSAStartup
WSCUnInstallNameSpace
WSAGetLastError
WSCInstallNameSpace

kernel32

IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
lstrcpyA
DeleteFileA
GetTempPathA
CloseHandle
GetVersionExA
GetModuleFileNameA
GetSystemDefaultLangID
ExitProcess
CreateFileA
FindResourceA
lstrlenA
lstrcpynA
LoadResource
ExpandEnvironmentStringsA
WriteFile
WideCharToMultiByte
Sleep
SizeofResource
lstrcatA
MultiByteToWideChar
VerLanguageNameA
GetTempFileNameA
LockResource
RtlUnwind

shell32

ShellExecuteExA
SHFileOperationA

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ