10063d9a7a813f84d16895c29730583b_JaffaCakes118 | Triage

Sharing

General

Target

10063d9a7a813f84d16895c29730583b_JaffaCakes118
Size

52KB
MD5

10063d9a7a813f84d16895c29730583b
SHA1

01ac810db15e6970b4d95dc082977759e1138fd7
SHA256

003410e650db6c9577de3f979635023dde7326b270564d0557f915dde55f6aaa
SHA512

4130557e9b855001228421cc722e95e646c20b50b2fbd36a53aba441890e6353393f6d3e10dbb316c33ca24748e3c7f9efd5a9a0863cf5f307ab7a887a9f8501
SSDEEP

384:N4QPaakFJNnXs8G0KckVmTvVgNCArdv2rDdoZ:N8asJNX4ov+NCArdUDaZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10063d9a7a813f84d16895c29730583b_JaffaCakes118

Files

10063d9a7a813f84d16895c29730583b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

27d8468a993f77eaf4c70ce63300b65e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyA
RegReplaceKeyW
RegEnumValueA
RegOpenKeyExA
RegQueryInfoKeyW
RegLoadKeyW
RegOpenKeyA
RegGetKeySecurity
RegQueryInfoKeyA
RegOpenKeyW
RegDeleteValueA
RegOpenKeyExW
RegQueryInfoKeyW
RegEnumKeyExW
RegQueryValueW
RegCreateKeyExA
RegQueryValueExW
RegQueryInfoKeyA
RegDeleteKeyA
RegOpenKeyW
RegOpenKeyExA
RegDeleteValueA
RegEnumKeyW
RegEnumKeyExA
RegGetKeySecurity
RegQueryValueExA
RegEnumValueW
RegDeleteKeyW
RegQueryValueA
RegEnumValueA
RegEnumValueA
RegQueryValueW
RegLoadKeyA
RegOpenKeyA
RegReplaceKeyW
RegEnumValueW
RegQueryInfoKeyA
RegDeleteKeyA
RegDeleteValueA

kernel32

ExitThread
CopyFileExW
OpenFile
DeleteFileW
GlobalFree

Sections

.tedt
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idat
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.eadta
Size: 6KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bas
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ