d221f1ff17ee6bdf6d2438f1076d421f_JaffaCakes118 | Triage

Sharing

General

Target

d221f1ff17ee6bdf6d2438f1076d421f_JaffaCakes118
Size

90KB
MD5

d221f1ff17ee6bdf6d2438f1076d421f
SHA1

9befb000fbc86f5cc406156805037c7f733719a7
SHA256

905c56a70dac0b41e68c9faaf1f961306e04c5b14e113bb96ef745448949674a
SHA512

1bc76e0de540e1233c50e470084df73ce16c346fda6b5c30d51c21e35a4054e4b596f48cd387c24e85c370dbb0eb8e1b0cfe481da5aa75e1f02412f79b913b8f
SSDEEP

768:o34HQFhlXPDOD9We0V8NobS5zxddr1RvPyzIKFJ5yMMuiUTnp7vSDIA:o34HQFLPDOpWz4b5hjBuJYMMui6np7v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d221f1ff17ee6bdf6d2438f1076d421f_JaffaCakes118

Files

d221f1ff17ee6bdf6d2438f1076d421f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8446cf693324e2710d73b66a1007d8ef

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
CreateThread
SearchPathA
FindAtomA
Sleep
lstrlenA
FindClose
FindVolumeClose
DeleteCriticalSection
SetEvent
GetLastError
ReleaseMutex
GetCalendarInfoA
GetModuleHandleA
GetStartupInfoA
CreateMutexA
VirtualProtect
TlsGetValue
FindResourceExA
CloseHandle

advapi32

CloseTrace
IsValidSid
RegEnumKeyExA
LsaSetSecret
CloseEventLog
OpenEventLogA
RegLoadKeyA
RegCloseKey
LsaFreeMemory
AccessCheck
RegCreateKeyExA
GetFileSecurityA
FreeSid
LsaClose
RegCloseKey

msdtcuiu

DtcPerfCollect
DllRegisterServer
DtcPerfOpen
DtcPerfClose
DllGetClassObject

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ