e91a1606d8ed2d13010f50f3a413b049_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e91a1606d8ed2d13010f50f3a413b049_JaffaCakes118
Size

23KB
MD5

e91a1606d8ed2d13010f50f3a413b049
SHA1

31d6fd92b11bedbeb473e27c79c036006c30c59d
SHA256

d249a6ab091ebd90f9b9d5fedac79a65c3a027ec3303636a056e6c18ebdc2147
SHA512

4ef203b9895f16188fa8a8f50847b143f2e234c810d47fe844fbb94d2fb30e9a73a8af38c61176a1c5b913652112d8cd478a34c219f928c884ff736ac6a78277
SSDEEP

384:CcBCo7D767bPRVlqZf24x3+FQ6juHl+QVslaDhxQDxdHr6R16Eb2F:CMCSu7LHlSe4x3+FQ6KAQxQ1dHrf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e91a1606d8ed2d13010f50f3a413b049_JaffaCakes118

Files

e91a1606d8ed2d13010f50f3a413b049_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b41edfa542240fe0914e5e7dc3375a28

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoCreateGuid

user32

wsprintfA

kernel32

ExitProcess
GetCurrentProcess
GetFileAttributesA
GetFileTime
DeleteFileA
GetProcAddress
GetSystemDirectoryA
SetFilePointer
SetFileTime
Sleep
lstrcatA
lstrcmpA
lstrlenA
CreateFileA
CloseHandle
GetModuleHandleA

advapi32

RegQueryValueExA
RegCreateKeyExA
RegCloseKey
RegSetValueExA

shell32

SHGetSpecialFolderPathA
ord680

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 786B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE