ffa50a70ca53347870003a1a0260bf70_JaffaCakes118 | Triage

Sharing

General

Target

ffa50a70ca53347870003a1a0260bf70_JaffaCakes118
Size

53KB
MD5

ffa50a70ca53347870003a1a0260bf70
SHA1

34f7b72614b6295663774e592e450bd7d026e359
SHA256

c2673a7bfbe3a227d18bf944fa21f128b5aeb0c28c0ec890349cc15f9a9f4664
SHA512

6b87ecff281eeaf6ab5470f85f7e00377b4511e540840c36b592bed7130fc942bcb265b451f8396e4040a484b600b603520c528465cbfadab9273a9ec8a88a65
SSDEEP

1536:1Gd4NknwTSDgBTdFZoJGQSXxamgM8ed73cbs:1SAknISYrovLmCed7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ffa50a70ca53347870003a1a0260bf70_JaffaCakes118

Files

ffa50a70ca53347870003a1a0260bf70_JaffaCakes118
.exe windows:4 windows x86 arch:x86

753e5a81fe0225b58402ca7c035ea41a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EscapeCommFunction
ExitProcess
FormatMessageA
GetCalendarInfoW
GetCurrencyFormatA
GetProcessHeap
LeaveCriticalSection
lstrcpyA

advapi32

CreateServiceW
CryptEnumProvidersA
DestroyPrivateObjectSecurity
GetCurrentHwProfileA
GetNumberOfEventLogRecords
ObjectCloseAuditAlarmA
ObjectOpenAuditAlarmW
RegDeleteKeyW
RegSetValueW
RevertToSelf

user32

CloseDesktop
DragDetect
GetClassInfoA
GetGUIThreadInfo
GetMenuItemRect
GetMonitorInfoW
IsCharUpperA
MapVirtualKeyExW
MenuItemFromPoint
OpenInputDesktop
RegisterDeviceNotificationW
SendDlgItemMessageA
SetClassLongW
SetDebugErrorLevel
WinHelpA

shell32

Control_FillCache_RunDLL
DragQueryFileAorW
DragQueryFileW
ExtractAssociatedIconExW
InternalExtractIconListW
SHFileOperation
SHGetFileInfo
SHHelpShortcuts_RunDLL
SheConvertPathW
Shell_NotifyIcon

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 50KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE