Static task
static1
Behavioral task
behavioral1
Sample
551925c23d63b35d8913d2afeb0d4db7_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
551925c23d63b35d8913d2afeb0d4db7_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
-
Target
551925c23d63b35d8913d2afeb0d4db7_JaffaCakes118
-
Size
83KB
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 551925c23d63b35d8913d2afeb0d4db7_JaffaCakes118
Files
-
551925c23d63b35d8913d2afeb0d4db7_JaffaCakes118.exe windows:5 windows x86 arch:x86
2a6506e58210fb74c5a9be5393bab7d2
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GlobalDeleteAtom
GetCommTimeouts
SetMessageWaitingIndicator
EnumResourceNamesA
HeapValidate
VirtualUnlock
ClearCommError
UnlockFileEx
DeleteFiber
GetLastError
CreateMemoryResourceNotification
gdi32
SetViewportOrgEx
SetTextColor
SelectObject
Pie
GetObjectType
SetLayout
PatBlt
crypt32
CryptMsgOpenToDecode
CertRegisterSystemStore
advapi32
GetTokenInformation
actxprxy
DllRegisterServer
Sections
.text Size: 49KB - Virtual size: 48KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.vfb Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 1024B - Virtual size: 809B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 856B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ