98b85e882fee1b44eef4d187b18a5051_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

98b85e882fee1b44eef4d187b18a5051_JaffaCakes118
Size

47KB
MD5

98b85e882fee1b44eef4d187b18a5051
SHA1

9df258d90ddceeed8170a9be6ecb4980be047d40
SHA256

5b5a961e9f5bc9e8adc9562caa8c6e99be456fa211d9df7df996b2a18e896d74
SHA512

201aad3ca9513d740524c1a675937360f9386e83400dc2b34c6a51f688e7cc08ffc5a6828506606793d5a968a6278beac6abb0aac13a1e711e5020526f0ec994
SSDEEP

384:z6V/QK2j9qTiAuDquTZGhukIZB+aD1st3Xs1v5CwgwV:M/00iAuDquT8ur+kWKowgw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
98b85e882fee1b44eef4d187b18a5051_JaffaCakes118

Files

98b85e882fee1b44eef4d187b18a5051_JaffaCakes118
.exe windows:5 windows x86 arch:x86

37990bee3e8b69258a4df7264376bbbc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExW
GetModuleHandleW
lstrcatW
GetProcAddress
CreateMutexW
GetCommandLineW
GetWindowsDirectoryW
GetDateFormatW
CloseHandle
GetExitCodeProcess
GetVersionExA
WaitNamedPipeW
GetStartupInfoW
DeleteFileW
LoadLibraryA
ReadFile
InterlockedDecrement
FileTimeToSystemTime

advapi32

RegLoadKeyA
RegCreateKeyExA
RegDeleteValueA
RegRestoreKeyA
CryptSignHashW
RegOpenKeyW
OpenEventLogW
RegCloseKey
IsValidSid
LogonUserA

cryptdll

MD5Init
MD5Final
CDBuildVect
MD5Update
CDLocateRng

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE