dfa45fea22a6657cb0a3bd9fb28fe449_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dfa45fea22a6657cb0a3bd9fb28fe449_JaffaCakes118
Size

198KB
MD5

dfa45fea22a6657cb0a3bd9fb28fe449
SHA1

21391fe4b6fe90b49b6edcd1d498e312eac4e602
SHA256

1248bb13a0a76d772dfeb8f584b31a268ea5f21ec1a45d03beed7db43c677da6
SHA512

ad6f31fb5be2390a8f9ecbb9dcc0f6d65b80076061b22c44da2fbbd131b387dd9085abecfd6aed51c3b4de80be6c32afa910c8eb006844aefe70c55f8e462d11
SSDEEP

3072:rp1eelDv3tPBjDKrjDR1es++BOBU9GKIyFycQHeurfnUaeAg3ahJsTC63mK6Pj:rOgtPByd8t+BejrfUzP3QJsTC63B6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dfa45fea22a6657cb0a3bd9fb28fe449_JaffaCakes118

Files

dfa45fea22a6657cb0a3bd9fb28fe449_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c38b5d71b8a422f14ab5bb7ff45b0827

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

shlwapi

wnsprintfW

kernel32

CreateFiberEx
GetTempPathW
TerminateJobObject
FileTimeToSystemTime
EnumResourceNamesW
FlushFileBuffers
LocalAlloc
SetEvent
RaiseException

advapi32

RegCloseKey
RegOpenKeyExA
EncryptFileW
RegQueryValueExA
RegOpenKeyExW
RegQueryValueExW
DecryptFileW

ole32

CreateStreamOnHGlobal
CoRevokeClassObject
CreateClassMoniker
CLSIDFromString
StringFromGUID2
CoTaskMemFree
CoCreateInstance
CoUninitialize
CoResumeClassObjects
CoAddRefServerProcess
CoRegisterClassObject
CoReleaseServerProcess
GetRunningObjectTable
CoInitialize
CoDisconnectObject
CoRegisterMessageFilter
CoTaskMemAlloc

rpcrt4

UuidCreate

iphlpapi

NotifyRouteChange

user32

MsgWaitForMultipleObjects
TranslateMessage
PostThreadMessageW
DispatchMessageW
RealGetWindowClass
PeekMessageW

Sections

.text
Size: 173KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ