dc6736288ecc18fcb3b8b06c67fc17fa_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dc6736288ecc18fcb3b8b06c67fc17fa_JaffaCakes118
Size

49KB
MD5

dc6736288ecc18fcb3b8b06c67fc17fa
SHA1

b5403966beed832a006c00ab2a2e97be611cfb58
SHA256

852e8cd1a6238acb976bc92ff89cd7ef58277b65e57b3f131d800b9dc797afb2
SHA512

bb998abb45538d5deca9e83f572fa1cad13f98e636e9af0d18cebddb4ca50a62412679c00889de9461ac4adf7c315c164e3907bdf5bbc889a4beba011ff589a1
SSDEEP

1536:x8PDOvlH/V7mUG7sfXUw1/E9PA9Zdrit:x8PivlH/sU5kw1oA9a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dc6736288ecc18fcb3b8b06c67fc17fa_JaffaCakes118

Files

dc6736288ecc18fcb3b8b06c67fc17fa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d0aeb421df5fec5dfcca10e117af5101

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BackupRead
ExitProcess
MoveFileExA
SetConsoleCursorPosition
VirtualUnlock

advapi32

AddAccessDeniedAce
BuildImpersonateTrusteeA
GetEffectiveRightsFromAclA
GetMultipleTrusteeA
GetSecurityInfoExA
GetTokenInformation
LookupPrivilegeNameW
NotifyChangeEventLog
ObjectOpenAuditAlarmA
OpenSCManagerA
RegEnumKeyExA
RegNotifyChangeKeyValue
RegReplaceKeyA

user32

CreateCursor
DdeCreateStringHandleW
DdeQueryNextServer
DdeQueryStringW
DestroyCaret
DlgDirListComboBoxA
DrawFocusRect
GetKeyState
KillTimer
SetSysColors
TrackPopupMenuEx
UnloadKeyboardLayout

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE