f85e3d635e1a746ecdd82d86e48eca31_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f85e3d635e1a746ecdd82d86e48eca31_JaffaCakes118
Size

12KB
MD5

f85e3d635e1a746ecdd82d86e48eca31
SHA1

d6c972b353b36997aed703387497c0c2a3a517e7
SHA256

d709b38c416e895b9af99cd108ee302c99999970cd03577be3f147a27a246e16
SHA512

9cd1731548d0c2ec920c35662f8b0336f521b10a94b9fc662c0903c62f6430d9f37fa9451b3bb735e7b3435272eeb27c64c754d2ee87e9bb6e5384e1357124bd
SSDEEP

96:V4vEZOfZxwYjT+h6hbifnblIrD6NNmy19KoV5dHWkwpLoRCw8Hfo0kj27:+vXNGh6gfirD6NNm0FbdHWkULoR+A0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f85e3d635e1a746ecdd82d86e48eca31_JaffaCakes118

Files

f85e3d635e1a746ecdd82d86e48eca31_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eb8fc797ba3cfb0fbabbff7e2d42932e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDoubleClickTime

shell32

ShellExecuteA

shlwapi

StrStrIA

kernel32

CloseHandle
ExitProcess
GetCommandLineA
GetModuleHandleA
GetProcAddress
LoadLibraryA
lstrcatA
lstrcpyA
lstrlenA

advapi32

RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegCloseKey

urlmon

IsValidURL

comctl32

GetMUILanguage

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 734B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE