17ebfd76795448ffd0273068c9fd9339_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

17ebfd76795448ffd0273068c9fd9339_JaffaCakes118
Size

390KB
MD5

17ebfd76795448ffd0273068c9fd9339
SHA1

2f137f16e3ac9c1075879183ae941c57fef4bab4
SHA256

8588784561ee6d97faed60b20b0307d4bdd983c6fc0ffe186ff925dea49ff168
SHA512

4e349a9e0c1dd8d3202fe8320b44f87679c738ad2f828570825e6c452c5fd333b571759c26cf0ffbe408345285f452541a1d77b2516865669dfe9902779afb55
SSDEEP

6144:zqwD+X1xQatU+1CEJp4XEt8l3aw9Y6zfJvkeitTDYWMtrDVmCfNuI2RINhoDPnr:NO1xm+QoK0t4K3gCTDYWGrYzt+NST

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17ebfd76795448ffd0273068c9fd9339_JaffaCakes118

Files

17ebfd76795448ffd0273068c9fd9339_JaffaCakes118
.exe windows:4 windows x86 arch:x86

90c98fead575c28edb129d609520a801

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResetEvent
GetDiskFreeSpaceA
SetLastError
LoadLibraryW
CreateFileA
CreateThread
GetSystemTime
LocalUnlock
GetComputerNameA
FormatMessageA
FindVolumeClose
GetTickCount
GetModuleHandleA
HeapCreate
UnmapViewOfFile
CloseHandle
lstrlenA
GetCommandLineW
Sleep
LocalFree

user32

IsWindow
GetDlgItem
GetComboBoxInfo
CreateWindowExA
CallWindowProcA
DispatchMessageA
FillRect
GetDC
DrawMenuBar
DrawEdge
SetFocus
CheckRadioButton
DrawStateA

advapi32

IsTokenUntrusted
RegDeleteKeyA
RegCloseKey
RegEnumValueA
FreeSid

hdwwiz.cpl

AddHardwareWizard

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 732KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ