Static task: static1
Behavioral task: behavioral1
Sample: c37258219d57d97b495db272a7c303ad_JaffaCakes118.exe
Resource: win7-20240903-en
General
Target: c37258219d57d97b495db272a7c303ad_JaffaCakes118
Size: 183KB
MD5: c37258219d57d97b495db272a7c303ad
SHA1: 32a6b1f687a55a127a02dbab0966fcc833adff33
SHA256: a2dad09c0ac6cc2e6cc570b25666b102db4f29013895aed5855b34cc12dd1375
SHA512: ec59e9c2426484da73274c640466ed0356c12885d22a0968142790c97238a1651b9a40c829d045d27c0db8ed4bd0831540fa66347a9778b2568fabd743e8a80f
SSDEEP: 3072:zYyuXQyRVQSmbvwM/3nQ5cQbB+urBu3gz0i6oKtN7Ks2Hok59HRmIfhtBv/XRRvq:ZESSOwEXQ+QXuwzB6ogJKPrJfhvPRxzG
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c37258219d57d97b495db272a7c303ad_JaffaCakes118
Files
c37258219d57d97b495db272a7c303ad_JaffaCakes118.exe windows:4 windows x86 arch:x86
e825112a2f5fbfc2c9da243a55d1c0b7
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
TlsGetValue
LCMapStringA
GetStringTypeA
IsValidCodePage
GetLocaleInfoA
DebugBreak
GetTimeZoneInformation
EnumSystemLanguageGroupsW
GetStringTypeW
OutputDebugStringA
WriteConsoleW
CompareFileTime
OutputDebugStringW
LCMapStringW
HeapReAlloc
GetCPInfo
advapi32
IsValidSecurityDescriptor
GetUserNameA
AddAce
LookupAccountSidA
InitializeSecurityDescriptor
SetSecurityDescriptorOwner
DuplicateTokenEx
PrivilegeCheck
GetSecurityDescriptorLength
QueryServiceStatus
RegOpenKeyExW
winmm
sndPlaySoundA
oleacc
CreateStdAccessibleObject
ObjectFromLresult
oledlg
OleUIBusyW
shell32
SHChangeNotify
SHGetMalloc
SHGetPathFromIDListW
Sections
.text Size: 76KB - Virtual size: 75KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 385KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 104KB - Virtual size: 103KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ