f529b7596dc24e37e9e4b1723f41c461_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f529b7596dc24e37e9e4b1723f41c461_JaffaCakes118
Size

30KB
MD5

f529b7596dc24e37e9e4b1723f41c461
SHA1

1e9ddf68842e4f30296cfdb4c6072494d900d9cd
SHA256

bdbe4671c744702ac105063264c44d474fab8bbec673674448027d8fbbf23c27
SHA512

f39d1374f3c185e20768a10731da2d7ca3c5dde21c447cfc5ff9a6005612cad10c821c69df69545fc33da956fe8c6f2e57621b18415591f87d5776e2d0d41598
SSDEEP

768:2ceI5/MjgJM0Uob/xS7MLI7kN2bhwI7aYg5gvpOcMkdr:QIC4dN2bhwI7aYg51vY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f529b7596dc24e37e9e4b1723f41c461_JaffaCakes118

Files

f529b7596dc24e37e9e4b1723f41c461_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8415edc2700fb2c97d8fcd25a90376d4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

wsprintfA

kernel32

CopyFileA
FindResourceA
FreeResource
GetModuleFileNameA
GetSystemDirectoryA
GetSystemTime
GetTempPathA
GetTickCount
GetWindowsDirectoryA
LoadResource
RtlZeroMemory
SetFileTime
SetHandleCount
SizeofResource
Sleep
SystemTimeToFileTime
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpyA
lstrlenA

advapi32

RegQueryValueExA

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 694B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ