df12bf58368f0393d855ac92ed444fcb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

df12bf58368f0393d855ac92ed444fcb_JaffaCakes118
Size

50KB
MD5

df12bf58368f0393d855ac92ed444fcb
SHA1

50345aa3a38e80488beb3cf42d03d19faf019c33
SHA256

095888f798c680923991c23a3bb70b34dcdd15658e6e9d9371b7103dc0a9617b
SHA512

0fd4089987b821f5f35e3d7e1aa88957722b49c335e75dd245f5ce45c38cf7904030ec11ddcaf973d7a7775372971fd170f837eab07241cd1e0b88080e06c28a
SSDEEP

1536:EBbXgvBC3iLSbmYvtqFunVA6Dr+gqa7bD:EBQBUqSEFuVY8b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df12bf58368f0393d855ac92ed444fcb_JaffaCakes118

Files

df12bf58368f0393d855ac92ed444fcb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0c6e956c222d0eb10f69f40c0346d2e2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumCalendarInfoExA
ExitProcess
FindClose
GetExitCodeThread
MoveFileA
ReleaseSemaphore
VerLanguageNameW
WaitForMultipleObjects
WideCharToMultiByte

advapi32

GetLengthSid
OpenThreadToken
ReadEventLogA
RegDeleteKeyA
SetEntriesInAuditListA
SetPrivateObjectSecurity
StartServiceCtrlDispatcherA
TrusteeAccessToObjectA

user32

AdjustWindowRectEx
DdeInitializeW
GetClipboardFormatNameA
OffsetRect
SetSystemCursor
wvsprintfW

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE