dae9b0af98798819c928ebad496dd9b2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dae9b0af98798819c928ebad496dd9b2_JaffaCakes118
Size

54KB
MD5

dae9b0af98798819c928ebad496dd9b2
SHA1

ed230a8590806c8be324f91132e2c2d5038443eb
SHA256

215d83674de8ad9800461df279d9ec843f6f950085a4b80768786d1cf9dd56bd
SHA512

ab4d2a8379e86b9196d558461a724d1419236417e1ede2ef0424070d32eeded990a60e2f8b4c426d577f55dde67e832d990d17e5faa8280b16fab3deacec753b
SSDEEP

1536:ZvPd9qIPs03vcGecw4sACxJyRH9HRqvxWadX0paUg:FrLh3vcjXPJyVm5WadkwU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dae9b0af98798819c928ebad496dd9b2_JaffaCakes118

Files

dae9b0af98798819c928ebad496dd9b2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

86d791b0dfbfaa1394bb8038a95442ec

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteCriticalSection
ExitProcess
GetEnvironmentStringsA
GetEnvironmentVariableA
GetTempPathW
GetWriteWatch
GlobalUnlock
OpenFileMappingA
OutputDebugStringA
SetVolumeLabelW
UnmapViewOfFile
VirtualLock
WriteFileEx
_llseek

advapi32

CryptEnumProvidersW
CryptGetUserKey
GetSecurityDescriptorLength
InitiateSystemShutdownA
LogonUserW
LookupPrivilegeNameA
NotifyBootConfigStatus
ObjectCloseAuditAlarmW
ObjectDeleteAuditAlarmA
RegConnectRegistryA
SetKernelObjectSecurity
SetPrivateObjectSecurity
SetSecurityDescriptorGroup

user32

DefMDIChildProcA
GetCapture
GetClipboardData
GetScrollInfo
LoadKeyboardLayoutW
MsgWaitForMultipleObjects
OpenIcon
PostMessageW

shell32

DragQueryFile
DragQueryFileAorW
DuplicateIcon
OpenAs_RunDLLA
PrintersGetCommand_RunDLLW
SHGetFileInfoA
SHGetSpecialFolderPathA
SHUpdateRecycleBinIcon
SheFullPathA
SheGetDirW
SheRemoveQuotesA
ShellExecuteA

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE