05adc7cb244fa118d701ed0614b2ebf2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

05adc7cb244fa118d701ed0614b2ebf2_JaffaCakes118
Size

38KB
MD5

05adc7cb244fa118d701ed0614b2ebf2
SHA1

e45202b9247d84ffab5fc2df13b4574b141b2ab1
SHA256

c3eb808906075c96118986de1ef0b0a4f8993fb9c9aa96d5e85e28dcabb96ac6
SHA512

5d8ef9d81e083ef3ba339f689b14dbc2690bcbf3e43ecb87534a527c0bb306d1593594d3b6772fe65a7b3fb796c701a55c6f716a820f296d14dd0140ff804dd7
SSDEEP

384:GnGcWtLgmZSNq+IVDi8F4B0dNkmOcsyZanSlH+DghJqCUmPtV3BmvIC037t1jg4c:WGZL3iF8UcsiaScD4rt19BP37DhKE6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05adc7cb244fa118d701ed0614b2ebf2_JaffaCakes118

Files

05adc7cb244fa118d701ed0614b2ebf2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

63f195e96368ff7bebefe8752bd3d1a0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
CopyFileA
CreateDirectoryA
DeleteFileA
LoadLibraryA
GetProcAddress
GetSystemDirectoryA
SystemTimeToFileTime
ExitProcess
GetModuleHandleA
CloseHandle
WriteFile
CreateFileA
LocalFileTimeToFileTime
FreeLibrary
SetFileTime

advapi32

RegQueryValueExA

shell32

ShellExecuteA

msvcrt

??2@YAPAXI@Z

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ