ea6d9145d46381fd3c1a651f340f714a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ea6d9145d46381fd3c1a651f340f714a_JaffaCakes118
Size

24KB
MD5

ea6d9145d46381fd3c1a651f340f714a
SHA1

2d08cd552467c94ff255ef77bb76aafd1d808008
SHA256

1e2fd048ee636fc0ddc71b2722cf410892571017964b59f39097854f77cd4ffa
SHA512

476aa1d7466aa6dbd51824a77e4b4c22f1fbe8b45892c7965c6726b5b29037fc4c5cc4594d463da121a079dcf75491ba64bd8d3181040bd236f38ce167ce1fd2
SSDEEP

384:GcGJxDJ/T2s7t+/pywP0PJ0Ryskog8Otv8AwL1MeMIKzb+ssxf0ZirvZSwXRomv:G3wryUMIKzxsxflrUwXRd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea6d9145d46381fd3c1a651f340f714a_JaffaCakes118

Files

ea6d9145d46381fd3c1a651f340f714a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5eaa07c9af795128ae9c654d0d33f1ca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
LoadLibraryA
FreeLibrary
DeleteFileA
lstrcpyA
lstrcatA
GetCurrentProcess
SetFileAttributesW
SetFileAttributesA
GetFileAttributesW
WinExec
GetModuleHandleW
GetProcAddress
CloseHandle
ExitProcess
GetModuleHandleA
GetCommandLineA
OpenProcess
GetShortPathNameA
GetEnvironmentVariableA
SetProcessPriorityBoost
SetThreadPriority
GetCurrentThread
SetPriorityClass
TerminateProcess
CompareStringA
Process32Next
Process32First
CreateToolhelp32Snapshot
HeapFree
HeapAlloc
VirtualAlloc
HeapReAlloc
RtlUnwind
InterlockedExchange
VirtualQuery

user32

MessageBoxA
ExitWindowsEx
wsprintfA

advapi32

RegOpenKeyExA
RegEnumKeyA
RegDeleteKeyA
RegSetValueExA
RegOpenKeyA
RegQueryValueExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA

shell32

ShellExecuteExA

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE