392f1747decc0f6175cc3a787f33e684_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

392f1747decc0f6175cc3a787f33e684_JaffaCakes118
Size

31KB
MD5

392f1747decc0f6175cc3a787f33e684
SHA1

8efe21ebeb19060f6652b6b18528298f5e0c4574
SHA256

d17f6c2fff18561f51e92d4e9be4ca025c30ef63d4af19b33db967025f5a6304
SHA512

d442532efdc1404889ae6cdca7eacd929b82e7ed68026e921dc8ed4b875855fead1afde682bfedc49dcb21904970a4d7b8b88a6ea5406e1a39ea5d3c395327ca
SSDEEP

96:6PEee/n8EgNKYRtmckygaHe2SaBO/6Oay2:68j/8Elutmhyg6e2Ld

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
392f1747decc0f6175cc3a787f33e684_JaffaCakes118

Files

392f1747decc0f6175cc3a787f33e684_JaffaCakes118
.exe windows:4 windows x86 arch:x86

256bca9fa1aa504f36aa7c4cfd39ebb7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
lstrcpyA
CreateFileW
SetLastError
CreateProcessA
GetCommandLineA
GetComputerNameA
LoadLibraryW
GlobalUnlock
Sleep
GetModuleHandleA
LocalFree
PulseEvent
FindClose
CloseHandle
UnmapViewOfFile
GetCurrentDirectoryA
GetCurrentThreadId
HeapCreate
FindResourceW

user32

CallWindowProcA
DispatchMessageA
GetCaretPos
CreateWindowExA
CreateIcon
DrawEdge
CheckRadioButton
GetDC
DrawMenuBar
SetFocus
IsWindow
GetDlgItem
FillRect

cryptui

CryptUIDlgSelectCA
LocalEnroll
CryptUIDlgSelectStoreA
WizardFree
CryptUIDlgCertMgr

appwiz.cpl

ConfigStartMenu

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 41KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ