dac4092cb1741d3ba78ad1cc9a9a8950_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dac4092cb1741d3ba78ad1cc9a9a8950_JaffaCakes118
Size

49KB
MD5

dac4092cb1741d3ba78ad1cc9a9a8950
SHA1

5fed55ccb0421c3a0ebcb77663f9646934c6fb8c
SHA256

268db552a1b7217e0f76200c9c975fa503ad4701bedfcb202fc199aff586b91b
SHA512

d570ffa91a640b9bed35599bbe13fc8c4cc2388d21fd62aed7f2a581dc0275fcfe7755f8f1228c28b6b7c36f1e54b61dad20fe90db70a14c295c83dfb95d789e
SSDEEP

768:lTMsthGSA4+axdGnw3tNDGPtciTzCfvBKUyKfFBXhVxo9cpgTC8O3t9CAg:5MstsSV+Nw3y9zCftXxVxo9jTC8Ut9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dac4092cb1741d3ba78ad1cc9a9a8950_JaffaCakes118

Files

dac4092cb1741d3ba78ad1cc9a9a8950_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a1b2776fea1336b2dbd82be33931f767

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BackupRead
ExitProcess
GetFileAttributesExA
GetFileType
Heap32First
ReleaseSemaphore

advapi32

CopySid
CryptSetProviderW
GetMultipleTrusteeA
MakeSelfRelativeSD
ObjectDeleteAuditAlarmW
RegQueryMultipleValuesA
SetKernelObjectSecurity
StartServiceCtrlDispatcherA

shell32

DllGetVersion
DragFinish
DuplicateIcon
InternalExtractIconListW
RealShellExecuteExW
RegenerateUserEnvironment
SHBrowseForFolder
SHGetDataFromIDListA
SHInvokePrinterCommandW
SheChangeDirExA
SheFullPathA
SheSetCurDrive

gdi32

CreateDCW
CreateMetaFileA
EnumFontFamiliesExW
ExtTextOutA
GetBkColor
GetDIBits
GetPixel
GetTextFaceA
ResizePalette
SetPixelFormat
SetStretchBltMode
SetViewportOrgEx
SetWindowExtEx
StretchDIBits

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE