109824211e6897a997bfe623b9ef7787_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

109824211e6897a997bfe623b9ef7787_JaffaCakes118
Size

323KB
MD5

109824211e6897a997bfe623b9ef7787
SHA1

1ded8ab51bcd47b568a4c1bc7abb17e31c31ca03
SHA256

ca2c95cded95fe7d972f91a5a845a9cbcad4214d03d22b690703850be218861b
SHA512

c5ce465d58e4fd55141faece617bd64b50855da5af8c93316eef35b79a7840cea527b26a997d47846930bc1d0dffd17fb9b7f64952611c9ee1716416fa8e3fd3
SSDEEP

6144:KpBgpXncwU6dwCz5nReZU87/iIb2Npr1eA3kzufyZf1Zo1JBdu:KHghxWClnLIb2Lh70zC+ZoXBdu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
109824211e6897a997bfe623b9ef7787_JaffaCakes118

Files

109824211e6897a997bfe623b9ef7787_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0a74000e1b2490d282eea9adcbc18ae9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindAtomA
GetFileAttributesA
CreateFileA
GetCommandLineW
CloseHandle
CreateThread
SetLastError
lstrlenA
SetEvent
GetDiskFreeSpaceA
GetExitCodeProcess
LoadLibraryA
GetComputerNameA
GetTickCount
GetModuleHandleA
HeapCreate
LocalFree
ResumeThread
GetSystemTime
GetDriveTypeA

advapi32

GetUserNameA
RegCloseKey
IsTokenRestricted
RegEnumValueA
RegCreateKeyExA
CreateServiceA
CloseEventLog
GetLengthSid
RegEnumKeyExA
RegDeleteKeyA
RegQueryValueA
FreeSid
GetFileSecurityA

dsprop

MsgBox
ReportError
ErrMsg
FindSheet
CheckADsError

sysdm.cpl

NoExecuteRemoveFileOptOutList

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 428KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 313KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ