e79405179d0d23b9058ca37409190012_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e79405179d0d23b9058ca37409190012_JaffaCakes118
Size

4KB
MD5

e79405179d0d23b9058ca37409190012
SHA1

f2c6d8b5924fe2df15109114834030d5fc86a4c3
SHA256

fddacb0345573dbf178992d54818bb18d70cc2525d88495f949b8dea1edaa1be
SHA512

092ec5583d0bd7e45d4228c2a13f7f8f93bd88a4b65207b7a3b0fce91755fde5c3b1a8708bb621ddc31401efddb40a79883cec2626f5c2cb078d31fd995ae350

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e79405179d0d23b9058ca37409190012_JaffaCakes118

Files

e79405179d0d23b9058ca37409190012_JaffaCakes118
.exe windows:1 windows x86 arch:x86

920544d48019ef86c96076b106d5ea48

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileA
CreateFileA
DeleteFileA
ExitProcess
FindFirstFileA
FindNextFileA
GetFullPathNameA
GetLogicalDrives
GetTempPathA
SetErrorMode
WriteFile
lstrcatA
lstrcmpA
lstrcpyA
lstrlenA

user32

MessageBoxA

advapi32

RegOpenKeyA
RegSetValueExA

shell32

ShellExecuteA

Sections

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.chaos
Size: 1024B - Virtual size: 952B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 618B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE