2def9fa2ffa8a7d2ecfa67651b8e0ece_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2def9fa2ffa8a7d2ecfa67651b8e0ece_JaffaCakes118
Size

12KB
MD5

2def9fa2ffa8a7d2ecfa67651b8e0ece
SHA1

97c5ca1749f28a46811d561ec5f8c3e2cbe6f3ac
SHA256

0db1daade7c00bba4a0852454f220d70a7be1ebdf49502804a6c26978a65e793
SHA512

427ca17bbdf9eac5d9b61ff3b0991acbcd2055dd949d59da4889c9d1d9811a82a43b4132fd8e67a4f796287189cf2253362902583705e0c124e15f27970999d6
SSDEEP

192:+omItm0dGJfKm0ys+d+kPB3NjIiC69jaEbCrmqNn/EjXApjgv+yTISPUrsMOaQ8d:+oftFIkm2ZkZdjk6x3bCBlVZgvzICMcE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2def9fa2ffa8a7d2ecfa67651b8e0ece_JaffaCakes118

Files

2def9fa2ffa8a7d2ecfa67651b8e0ece_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c798d7fd8ae2761a69fdddbf434d152b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumSystemLocalesA
ExitProcess
GetDefaultCommConfigW
GetFileAttributesW
GetModuleFileNameA
LocalCompact
LocalFileTimeToFileTime
LocalReAlloc
SetDefaultCommConfigW
WritePrivateProfileStringA
lstrcmpA

advapi32

AccessCheck
GetMultipleTrusteeW
GetTokenInformation
ObjectDeleteAuditAlarmA
RegSetValueExA
RegUnLoadKeyA
RevertToSelf

user32

EndDeferWindowPos
GetTabbedTextExtentW
IsCharLowerA
OemToCharA
RegisterClassW
TileChildWindows
TranslateMDISysAccel

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE