fa4aa82a413182965fa7368b4a35d602_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fa4aa82a413182965fa7368b4a35d602_JaffaCakes118
Size

51KB
MD5

fa4aa82a413182965fa7368b4a35d602
SHA1

51f2e3d0ee5f80f4a418d8aa46a4f6f932f0b595
SHA256

282f23cf2d06bf1edb708ca0fcf02f903e0e8186acd3c937651b7e2756fad23a
SHA512

831893ec38c7cf0ff71e7c073368998d8f36cf236ddefc864c80eb7ea9d3db31678e9df86bf7749a8b13d781d7b23511c383ae1976d7c4ddb3b47e1c57962903
SSDEEP

768:ou6BCwsC34usLUhnA3czR7uXBvWQ1TpCKJk79N6E98prunjuMBbDJTT94PMOGa74:orB+CXhn7gxEXL9UqnjuObZKMOGa7q0I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa4aa82a413182965fa7368b4a35d602_JaffaCakes118

Files

fa4aa82a413182965fa7368b4a35d602_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1a0b446145ef6163b18bb3fcb611c470

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetBinaryTypeA
GetCPInfoExA
PulseEvent
VirtualAllocEx
WritePrivateProfileSectionA
WritePrivateProfileStringW

advapi32

BackupEventLogA
ChangeServiceConfigA
ConvertSecurityDescriptorToAccessNamedW
CryptEnumProvidersW
CryptSetProviderW
GetAccessPermissionsForObjectW
GetMultipleTrusteeOperationA
GetMultipleTrusteeW
GetTrusteeTypeW
LookupPrivilegeDisplayNameA
ObjectCloseAuditAlarmA
QueryServiceObjectSecurity
RegConnectRegistryW

user32

DdeQueryStringW
DdeUnaccessData
DestroyAcceleratorTable
GetCursor
GetLastActivePopup
GetNextDlgGroupItem
GetWindow
LoadMenuW
RegisterDeviceNotificationA
ReuseDDElParam
SendIMEMessageExW

gdi32

CloseEnhMetaFile
CopyEnhMetaFileW
CreateDCW
GetCharWidthFloatW
GetViewportOrgEx
InvertRgn
PaintRgn
PlayMetaFileRecord
RealizePalette
SaveDC
SelectPalette
SetPixelV
SetTextAlign
SetWinMetaFileBits
TextOutW

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE