f535f402bb982772a7bd415bff0fc11b_JaffaCakes118 | Triage

Sharing

General

Target

f535f402bb982772a7bd415bff0fc11b_JaffaCakes118
Size

9KB
MD5

f535f402bb982772a7bd415bff0fc11b
SHA1

a171f6066b500808d1597a2aaa1c0c672722a7ba
SHA256

d40a39644cacf506b4116c0da6ca0b428be3d1337cc12bfec4173f3e8442dc12
SHA512

9e927e70d87caf7afe24bb85d4dfa3435524a38a1bb7adab7c833e9d76a1971a61ef6662bf67a74f4a13ad54c50b53bdf1253303d306e4597ff81f256bc7f7cf
SSDEEP

192:W7uctHrLyL4VNUnf1pO/FB9f8yptDc7l+xbMhHBQ:guirFVN24NB9fBM6MhhQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f535f402bb982772a7bd415bff0fc11b_JaffaCakes118

Files

f535f402bb982772a7bd415bff0fc11b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fbcc51f7d4528887bbabb05eeaa0ca42

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateIoCompletionPort
ExitProcess
FindResourceExA
GetBinaryType
GetOEMCP
GetProfileSectionA
GetStartupInfoA
GetThreadContext
HeapDestroy
HeapValidate
OutputDebugStringA
Toolhelp32ReadProcessMemory

advapi32

AddAccessAllowedAce
CreateServiceW
CryptEnumProviderTypesA
DeregisterEventSource
GetSidIdentifierAuthority
LookupPrivilegeValueA
RegDeleteValueA

user32

DdeImpersonateClient
EnumDisplayMonitors
GetCaretPos
GetClipboardData
GetMenuItemID
HideCaret
LookupIconIdFromDirectoryEx
MonitorFromPoint
OemToCharBuffA
UnlockWindowStation

shell32

CheckEscapesA
SHAppBarMessage
SHBrowseForFolderA
SHGetDiskFreeSpaceA
SHGetFileInfo
SHGetNewLinkInfo
SHHelpShortcuts_RunDLL
SheFullPathA
ShellAboutW
Shell_NotifyIcon

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE