442e1c9ffbf0d8d4b7e752e76603fd96_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

442e1c9ffbf0d8d4b7e752e76603fd96_JaffaCakes118
Size

182KB
MD5

442e1c9ffbf0d8d4b7e752e76603fd96
SHA1

8ea2de4cd82d058b0c7e3248a7215a17e2cbb3e3
SHA256

df426a4bbe6c23cd496841fdb54d55760c482eaea8813a750a6801f9e03fa7cd
SHA512

b9fb40734a0a76433ebd8b62654d505ecfca083b929fb4a5fbd8e15635339828d62c300e539faa30eaf767a9cf8098f220502e69283377bff0de1b0a03d3a5f1
SSDEEP

3072:DNBa/wP//jQ63yYSlzYhhjt46dM34GUTWul+mRTBETGyJwg0vaRHMtqv1DbmOaNC:DNB1/06iYIYhhjt46zDxl5hBET1CXvXw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
442e1c9ffbf0d8d4b7e752e76603fd96_JaffaCakes118

Files

442e1c9ffbf0d8d4b7e752e76603fd96_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dd8aacc0392da31f9bd6c0ce47b6b2db

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

rpcrt4

UuidCreate

user32

MsgWaitForMultipleObjects
DispatchMessageW
PostThreadMessageW
RealGetWindowClass
TranslateMessage
PeekMessageW

iphlpapi

NotifyRouteChange

shlwapi

wnsprintfW

advapi32

EncryptFileW
RegQueryValueExW
RegQueryValueExA
RegOpenKeyExW
RegOpenKeyExA
RegCloseKey
DecryptFileW

kernel32

CreateFiberEx
FileTimeToSystemTime
TerminateJobObject
GetTempPathW
EnumResourceNamesW
FlushFileBuffers
LocalAlloc
SetEvent
RaiseException

ole32

CoRegisterClassObject
CoUninitialize
CoRevokeClassObject
CreateClassMoniker
CreateStreamOnHGlobal
CoDisconnectObject
CLSIDFromString
GetRunningObjectTable
StringFromGUID2
CoReleaseServerProcess
CoCreateInstance
CoResumeClassObjects
CoAddRefServerProcess
CoTaskMemFree
CoRegisterMessageFilter
CoInitialize
CoTaskMemAlloc

Sections

.text
Size: 159KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ