db80f4a5d79578eeb3d0bce86dee43c2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

db80f4a5d79578eeb3d0bce86dee43c2_JaffaCakes118
Size

38KB
MD5

db80f4a5d79578eeb3d0bce86dee43c2
SHA1

020797f947fad87d18dc69d447aba64afba8e891
SHA256

c973883ca5313b0e47fd3c3d4cdff2ef1cff7d4c5c97217af764e216558d1b5d
SHA512

2bc625aaaabe9d0dd3f05506e4e07a3c89fa52fb50d98a3666dee898984a149f42ddadf04ddc1aa52dfc4c0f7ca0210475eefd4cf9d6260e86dba5ce25fb9aee
SSDEEP

768:cxLOIdZDldtupFZBqET3W8L/92khKVvTHu0aJiX2b2LnzhNHo9BPw:cxLOId1ldtcl1Z2b9aJsq2LvHo9BPw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
db80f4a5d79578eeb3d0bce86dee43c2_JaffaCakes118

Files

db80f4a5d79578eeb3d0bce86dee43c2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fc2515ab4cae84bd8e27e938b2584744

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BuildCommDCBAndTimeoutsA
DeleteAtom
ExitProcess
HeapSize
SetConsoleCursorInfo
SetFileApisToANSI
UTRegister
WritePrivateProfileSectionW

advapi32

AdjustTokenGroups
GetAccessPermissionsForObjectA
GetNamedSecurityInfoA
GetSidIdentifierAuthority
IsValidAcl
LookupAccountSidW
LookupPrivilegeValueA
RegQueryMultipleValuesA
RegQueryValueW
RegUnLoadKeyW
RegisterEventSourceA
SetFileSecurityW

user32

DefDlgProcW
DrawIcon
DrawStateW
EnumDesktopsW
FlashWindowEx
GetClipboardSequenceNumber
GetMessageW
OpenDesktopA
OpenInputDesktop
SetMenu
SetPropA
UnloadKeyboardLayout
WINNLSGetEnableStatus
WaitMessage

shell32

CommandLineToArgvW
Control_FillCache_RunDLLA
DoEnvironmentSubstA
DuplicateIcon
ExtractIconExA
FindExecutableW
InternalExtractIconListW
PrintersGetCommand_RunDLL
PrintersGetCommand_RunDLLA
RealShellExecuteExW
SHBrowseForFolderA
SHGetDiskFreeSpaceA
SHGetFileInfoW
SHQueryRecycleBinA

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 35KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE