f6893a93721a4eb9ec395055af0f00c3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f6893a93721a4eb9ec395055af0f00c3_JaffaCakes118
Size

744KB
MD5

f6893a93721a4eb9ec395055af0f00c3
SHA1

a00ee23b5d985bf2125e27a8c9543445f4994cde
SHA256

36df61e221334ebf605f455126439b9f5702e078507fb492ce7891120af92cb8
SHA512

2b312d5cfddde199c90abdaa3b814862b1f275d2ef3d1f7a069d5bc1c49ba8a23d6b74bc515de4eadd345ecbc9f00b2ebe40eb354d9cd0872b702075e3de1338
SSDEEP

12288:g1IU9kNluUFsCcP9X6aGzItloYJK9D+fMzFm4sW5yd2FnsMvjNNP1QP:gUNl7c4P2uYJKAEJmn4Hnsmzw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f6893a93721a4eb9ec395055af0f00c3_JaffaCakes118

Files

f6893a93721a4eb9ec395055af0f00c3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e4f352c3c016f42d860d71eb2d7a662c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
ReleaseMutex
SetConsoleTitleA
FindClose
HeapDestroy
InterlockedExchange
GetLastError
VirtualProtect
SetConsoleMode
GetModuleHandleA
SetConsoleIcon
UnmapViewOfFile
OpenSemaphoreA
CreateMutexA
LoadLibraryA
GetTickCount
SetEvent
GetLogicalDrives
GlobalLock
ExitProcess
FindVolumeClose

advapi32

CloseServiceHandle
FreeSid
IsValidAcl
CloseTrace
OpenTraceA
RegQueryValueExA
RegQueryInfoKeyA
RegLoadKeyA
RegEnumKeyExA
RegEnumValueA
CopySid
GetUserNameA
OpenEventLogA
RegFlushKey
GetLengthSid
GetAce
ReportEventA
IsTextUnicode
CredFree
LsaFreeMemory
RegCloseKey
LsaClose
GetFileSecurityA
RegSaveKeyA
CredReadA
RegCreateKeyExA
IsValidSid
EqualSid
CloseEventLog

uxtheme

GetThemeBool
GetThemeFont
GetThemeColor
CloseThemeData
GetThemeInt

devmgr

DevicePropertiesA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ