eb0f912e3aef02c77dad80e17b57f2bb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

eb0f912e3aef02c77dad80e17b57f2bb_JaffaCakes118
Size

744KB
MD5

eb0f912e3aef02c77dad80e17b57f2bb
SHA1

3ba1870506a2b88d5e55b3a96a2db76b512c2729
SHA256

5733c5a3f6e663ecb2a45616d60b65b84ce50baf9e2a0d86739caea85ce3a5e5
SHA512

166bdb4ad6772faee0518618d2d454ad5958a0d3805c7af9bd2f59aed594b72582afae5c1081629a80697c9981335c8d66be9cdf85b8c377472962591313c23f
SSDEEP

12288:iRkIU9kNluUFsCcP9X6aGzItloYJK9D+fMzFm4sW5yd2FnsMvjNNP1Qy:4Nl7c4P2uYJKAEJmn4HnsmzB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eb0f912e3aef02c77dad80e17b57f2bb_JaffaCakes118

Files

eb0f912e3aef02c77dad80e17b57f2bb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

69a2682a6995e7d3e46a6731c5e4ec58

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMutexA
FindClose
SetEvent
GlobalLock
ExitProcess
UnmapViewOfFile
CloseHandle
LoadLibraryA
GetLastError
ReleaseMutex
SetConsoleTitleA
GetLogicalDrives
SetConsoleMode
GetModuleHandleA
OpenSemaphoreA
SetConsoleIcon
InterlockedExchange
GetTickCount
HeapDestroy
FindVolumeClose
VirtualProtect

advapi32

RegEnumValueA
RegQueryInfoKeyA
RegFlushKey
GetLengthSid
RegCloseKey
IsValidSid
OpenEventLogA
EqualSid
CredFree
RegSaveKeyA
FreeSid
CloseTrace
GetAce
GetUserNameA
RegLoadKeyA
GetFileSecurityA
CloseEventLog
RegQueryValueExA
CloseServiceHandle
ReportEventA
RegCreateKeyExA
CopySid
LsaClose
OpenTraceA
IsTextUnicode
LsaFreeMemory
RegEnumKeyExA
IsValidAcl
CredReadA

uxtheme

GetThemeColor
GetThemeFont
GetThemeBool
GetThemeInt
CloseThemeData

devmgr

DevicePropertiesA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ