f5f67b765bbcc537004887de4b14189a_JaffaCakes118 | Triage

Sharing

General

Target

f5f67b765bbcc537004887de4b14189a_JaffaCakes118
Size

21KB
MD5

f5f67b765bbcc537004887de4b14189a
SHA1

6088ef1fcd279040fa2432cdb0212dff73f07fef
SHA256

f0403b72fe04e215dfbb3fbbc197df2de592f05243ce6c1a88f446bbcd40a979
SHA512

b0a1fc012e9462830e8ddb817a4df4e638b003267563f7d0dd180211c9050dbdb241e6c202e67662a28e7dfe662b52a8bedf4f48750cd6384d8315d79b28d866
SSDEEP

384:5/10ExxGQMR+ozklGfPv1ztpKlUhZ5Q+Zscn3KTOtVfsecbNiEXDIDWOlnfWjvOZ:d10ExxGFRilOFztpKl6Z5Q+FgOtVsecO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f5f67b765bbcc537004887de4b14189a_JaffaCakes118

Files

f5f67b765bbcc537004887de4b14189a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8c20ab0436f81f5a251e5df9d9948804

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
DeleteFileA
CreateEventA
WriteFile
lstrcatA
CreateFileA
lstrlenA
GetModuleFileNameA
LoadLibraryA
CloseHandle
lstrcpyA
GetTempPathA
GetFileAttributesA
PulseEvent
GetModuleHandleA
SetFilePointer
GetProcAddress
ExitProcess
RtlUnwind
SetEvent
OpenProcess
Sleep
GetSystemDirectoryA
ExitThread
GetLastError
CreateMutexA
GetVersionExA
CreateThread
lstrcmpA
ResetEvent
WaitForMultipleObjects
ReadFile

user32

SetThreadDesktop
ShowWindow
PeekMessageA
CreateWindowExA
TranslateMessage
DispatchMessageA
MsgWaitForMultipleObjects
DestroyWindow
CharToOemA
wsprintfA
CreateDesktopA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCloseKey
RegCreateKeyExA
RegNotifyChangeKeyValue
RegOpenKeyA

shell32

SHGetFolderPathA

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ