d4ba5cc1bc2715b5796b9e51ba4dfe7c_JaffaCakes118 | Triage

Sharing

General

Target

d4ba5cc1bc2715b5796b9e51ba4dfe7c_JaffaCakes118
Size

53KB
MD5

d4ba5cc1bc2715b5796b9e51ba4dfe7c
SHA1

120add82272078cd12754654791003e36f7df954
SHA256

4c438ad378929d9542e0e2fc752eca441eb28e904ebbf494a4726fcf459544b0
SHA512

33a23c1a7fc407b344f7f9aa02c6cf0280a5d1321b93cdf022d17b9ed5e4c32bbc623662cbd8505e95a42b74ee5be7805d020e454670709b63a94dd0fe7265ad
SSDEEP

1536:L+jadk7swXvgQDh+QArlgw/TWUQm2U213srQa6VuT5iM7G:Cj9wu4QDFArlgw7WUzi136dx7G

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d4ba5cc1bc2715b5796b9e51ba4dfe7c_JaffaCakes118

Files

d4ba5cc1bc2715b5796b9e51ba4dfe7c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

30361fac8443ab65325942d533784b99

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DebugBreak
ExitProcess
GetProcessWorkingSetSize
IsDebuggerPresent
IsValidCodePage
PostQueuedCompletionStatus
RaiseException
ReadConsoleW
ReleaseSemaphore
SetConsoleWindowInfo
SetLocaleInfoW
WriteTapemark

advapi32

BuildTrusteeWithSidW
CryptEncrypt
EqualSid
GetSecurityDescriptorControl
GetServiceKeyNameA
LookupAccountNameA
NotifyChangeEventLog
OpenBackupEventLogW
RegCreateKeyExW
RegEnumKeyExA
RegEnumKeyExW
SetEntriesInAclA
SetServiceBits
SetTokenInformation

user32

ActivateKeyboardLayout
ChildWindowFromPoint
DdeAbandonTransaction
DeleteMenu
DrawCaption
GetPropA
IsWindowEnabled
ModifyMenuA
OpenInputDesktop
SetInternalWindowPos

shell32

CommandLineToArgvW
DragFinish
ExtractAssociatedIconA
FindExeDlgProc
InternalExtractIconListA
OpenAs_RunDLLA
SHChangeNotify
SHEmptyRecycleBinW
SHInvokePrinterCommandW
SheFullPathW
SheSetCurDrive
ShellAboutA
ShellHookProc

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 50KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE