fd788bb077ba67582a772fa925026313_JaffaCakes118 | Triage

Sharing

General

Target

fd788bb077ba67582a772fa925026313_JaffaCakes118
Size

28KB
MD5

fd788bb077ba67582a772fa925026313
SHA1

de04ec183a04b866dc5863b9207738cae65c5950
SHA256

62e934bc3a879e201707d64b35757ac2ec7dbd7625e4d61bd3bb3cf1cbc45ad7
SHA512

a25377aa41dc230f3cb9fe8147240232db2da400ff051c7d900a071b107ba8f4472fdf1122cb0fc38850c3a611b384292fdc90a3610906943ebadd850b49858d
SSDEEP

192:Sm5+ZVjushW8Q9rQX+B9kyLI78MlAyPOssSCcSFgmZBdZDeQbdR3YeSMhZRohxiR:SAp4w+XQcvmlfmyPpqntxs1pon

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd788bb077ba67582a772fa925026313_JaffaCakes118

Files

fd788bb077ba67582a772fa925026313_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cf8100bcd97bcde328ba859c991e39b6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

urlmon

URLDownloadToFileA
URLOpenBlockingStreamA

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegOpenKeyA
RegSetValueExA

kernel32

LCMapStringW
GetModuleFileNameA
LCMapStringA
CloseHandle
ReadFile
GetFileSize
OpenFile
GetSystemDirectoryA
GetFullPathNameA
Sleep
WinExec
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
WriteFile
VirtualAlloc
HeapReAlloc
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE