3c03bb41eeb2cce86c658d21188ff0f4_JaffaCakes118 | Triage

Sharing

General

Target

3c03bb41eeb2cce86c658d21188ff0f4_JaffaCakes118
Size

8KB
MD5

3c03bb41eeb2cce86c658d21188ff0f4
SHA1

ab8cc76c02130ed99ccfdab2eeee29c229aefd87
SHA256

4c7bbd43b326526eca54d4483c538b2a66ca28c035d265ff84b2a9306dbd01a5
SHA512

9c94e4d392eee49c01a4f6f9c3da4951421f19cc525af75329c0a01d08cd29b167964906ead75f521bdef6b83af53e3eeeedfda8c879309315eebdf31ff79ffb
SSDEEP

96:6P9vRkADp2smnRK3ym6mz9vtpWHK6Jwh6YrcA43XfmV8lVIf3BYtt7lD:6lvr9mQwc9VsF2h6YrbKXfjGf3BWlD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c03bb41eeb2cce86c658d21188ff0f4_JaffaCakes118

Files

3c03bb41eeb2cce86c658d21188ff0f4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5819dc63d05f370e547437e578a4ac9a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CancelIo
LoadLibraryExW
GetModuleHandleA
IsBadStringPtrA
DeleteCriticalSection
IsBadReadPtr
FreeConsole
ResetEvent
GetDateFormatA
TlsGetValue
GetCommandLineA
LocalFree
GetLastError
FindClose
SetLastError
GetDiskFreeSpaceExA
VirtualProtect
GetDriveTypeW
EnumResourceTypesW

advapi32

RegCreateKeyExA
LsaFreeMemory
CloseEventLog
CloseTrace
AccessCheck
RegCloseKey
LsaSetSecret
IsTokenUntrusted
OpenEventLogA
FreeSid
RegLoadKeyA
LsaClose
GetFileSecurityA
RegCloseKey

glmf32

glsCharubz
glsChannel
glsGetError
glsBinary
glsBlock

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ