da9386e7a0b44f9957b4a215c5f812da_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

da9386e7a0b44f9957b4a215c5f812da_JaffaCakes118
Size

326KB
MD5

da9386e7a0b44f9957b4a215c5f812da
SHA1

898b6136792c444f5263861be9f78305b7229960
SHA256

e22f9e69aa5f4361d9770cd17b5a7c229f8803b2f4a61ced2098e905c4e141aa
SHA512

4b1f9b097088ed899ecc72bd2be607a7266c1ff2970067731fcef5adbc3aacb66d45ebda6348090cc4238536c5bab541436f161f713768aff3154e70a0829058
SSDEEP

6144:PpBgpXncwU6dwCz5nReZU87/iIb2Npr1eA3kzufyZf1Zo1JBd:PHghxWClnLIb2Lh70zC+ZoXBd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da9386e7a0b44f9957b4a215c5f812da_JaffaCakes118

Files

da9386e7a0b44f9957b4a215c5f812da_JaffaCakes118
.exe windows:4 windows x86 arch:x86

82cb0cf7049f340a483e8848e8767336

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetComputerNameA
GetTickCount
GetCommandLineW
GetModuleHandleA
ResetEvent
lstrlenA
SetLastError
LoadLibraryA
GetDiskFreeSpaceA
ResumeThread
CloseHandle
GetSystemTime
FindAtomA
GetDriveTypeA
GetFileAttributesA
CreateThread
LocalFree
HeapCreate
GetPrivateProfileStructW
CreateFileA

advapi32

GetLengthSid
IsTokenUntrusted
RegEnumKeyExA
RegEnumValueA
RegCloseKey
GetFileSecurityA
CloseEventLog
RegCreateKeyExA
CreateServiceA
GetUserNameA
RegQueryValueA
RegDeleteKeyA
FreeSid

ntshrui

IsPathSharedW
GetNetResourceFromLocalPathA
IsFolderPrivateForUser
IsPathSharedA
GetLocalPathFromNetResourceA

user32

MessageBoxA

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 424KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 316KB - Virtual size: 320KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ