12ecdc1da4ea6fe94aa6c96a20f59fe6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

12ecdc1da4ea6fe94aa6c96a20f59fe6_JaffaCakes118
Size

906KB
MD5

12ecdc1da4ea6fe94aa6c96a20f59fe6
SHA1

5b7357a21370d11adee3a8aa5bf00cf7dadd3258
SHA256

c5d7344684961823d4b8e33a22e6d85c9f411fcaa9d3e6bbadf4f7deec86a716
SHA512

566c1322d60de0670abfbe61baddbba235d0880499eb837b3d99defd2fc3a680b979996a1b5222c3c8eeed6f7fe0ae16622b45e9e9efacdad5c87bb817ab35e6
SSDEEP

12288:PU8BsklE01/DI1x0XARCDrVSB1yaFQDVWzcZtfBe8+REGDR5By6h2w4OfFS9b:PhukaGDI1x0XyrU9s8+REGtN2NOfAd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12ecdc1da4ea6fe94aa6c96a20f59fe6_JaffaCakes118

Files

12ecdc1da4ea6fe94aa6c96a20f59fe6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

359a89dda717a86b2931f59309200b0f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_DragMove

advapi32

GetSidLengthRequired
AddAce
ObjectCloseAuditAlarmA
IsTextUnicode
ControlService
SetSecurityInfo
GetUserNameW
GetFileSecurityA

user32

ShowCaret
GetUserObjectSecurity
GetMenuItemInfoW

kernel32

GetShortPathNameA
FillConsoleOutputCharacterA
FindFirstFileExW
GetEnvironmentStringsW
ExitProcess
GetDateFormatA
GetBinaryTypeA
GetUserDefaultLangID
GetCompressedFileSizeW
_hread
SearchPathW
GetProfileIntA
MoveFileExA
SetHandleCount
GetProcessTimes
GetStartupInfoA
FreeLibraryAndExitThread
ConnectNamedPipe
FindResourceExW
GetConsoleMode

Sections

.text
Size: 12KB - Virtual size: 228KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 612KB - Virtual size: 611KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ