0dc9c9f28c1cb73c28f179128d71f733_JaffaCakes118 | Triage

Sharing

General

Target

0dc9c9f28c1cb73c28f179128d71f733_JaffaCakes118
Size

9KB
MD5

0dc9c9f28c1cb73c28f179128d71f733
SHA1

5ccaaf767d642cd9c571fef1dd720511d10c7971
SHA256

b76000c12fa0637236c42ee22801f800daf1f1e835cd474147b051c47e7eb702
SHA512

f53fc85283a12a2b10a98eb331585951b5382f5e863070ec1b928ac4fb05b141b6fd1261c1e60945d3dc444de6b65aed4d9d7b6c9c87fa4e1ac4d9fe6be5ae03
SSDEEP

192:BfGbnLwRwIRbawI6lgcNlPtTBrfe2gwvAwF1+zIyAZPzSYiC2eTJTX0J08y5aVC:BfenLwRqwI6lgcNlPtTBrfe2gwvAwF17

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0dc9c9f28c1cb73c28f179128d71f733_JaffaCakes118

Files

0dc9c9f28c1cb73c28f179128d71f733_JaffaCakes118
.exe .js windows:4 windows x86 arch:x86 polyglot

f74864fb1fcde065cf321d7b5fc37d39

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
CreateFileA
FreeLibrary
GetProcAddress
LoadLibraryA
CloseHandle
Sleep
GetLastError
CreateEventA
FileTimeToLocalFileTime
GetSystemTimeAsFileTime
GetVersionExA
CreateDirectoryA
GetWindowsDirectoryA
GetSystemDirectoryA
GetModuleFileNameA
WinExec
CopyFileA

user32

wsprintfA

advapi32

RegSetValueExA
RegCloseKey
RegCreateKeyExA

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE