556458f8fdd20e8d7a06e9e345a2718c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

556458f8fdd20e8d7a06e9e345a2718c_JaffaCakes118
Size

85KB
MD5

556458f8fdd20e8d7a06e9e345a2718c
SHA1

7b51afb7c2343616a307dd3fde6a8c853ed8dde2
SHA256

d9d54741d4b078e3546abe8258a4361eb1ae450fc6b1ebe0331c711f797d1551
SHA512

7a5afe4bdcbbe2c9bdd0ca0ddd52cf5ed1f808dcc6ce643398885422fae316320b4c0f6e05f29f6748d2ff30436f5075824721764e01f0c494aba3c8d2df80de
SSDEEP

1536:cavK9cDxuCJMQcmZQ8OvfDivJ5pZknbbrr7E7civ9bkpjL2VDGwei4mc55Oaca:cP4cCJGmnOv7ivlZ2rI7/vipk6iDc55z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
556458f8fdd20e8d7a06e9e345a2718c_JaffaCakes118

Files

556458f8fdd20e8d7a06e9e345a2718c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0a0a7211cde89adaf1217f9604f76e67

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExA
CryptGetHashParam
RegDeleteValueA
CryptHashData
CryptDestroyHash
RegEnumKeyExA
CryptCreateHash
CryptReleaseContext

kernel32

VirtualProtect
ExpandEnvironmentStringsW
CreateEventW
GetSystemTime
CreateProcessW
OpenMutexW
ReleaseMutex
HeapReAlloc
SystemTimeToFileTime
MultiByteToWideChar
MulDiv
WaitForSingleObject
lstrcmpiW
lstrlenW
lstrcpyW
WideCharToMultiByte
VirtualAlloc
GetModuleHandleA

shlwapi

SHDeleteKeyA
PathCombineW
PathFileExistsW
wnsprintfW

user32

GetClipboardData
GetDlgItem
GetKeyState
GetCursorPos
OpenWindowStationA
GetKeyboardState
SetThreadDesktop
GetDlgItemTextA
ExitWindowsEx

Sections

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 186B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 151B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE