19677c8fc089e1b9dbc091cd3c2a434e_JaffaCakes118 | Triage

Sharing

General

Target

19677c8fc089e1b9dbc091cd3c2a434e_JaffaCakes118
Size

4.6MB
MD5

19677c8fc089e1b9dbc091cd3c2a434e
SHA1

ce298cada5f5f4027fedbf2e9f47ada84477116c
SHA256

646c76a53ac0a8de7300e0c8ad8e55b0d2eb727395553cd8e5512e065e630d2f
SHA512

b4b62435de4aa327ea04f5d2f8af9164e1465973acfa4b3eaade9f3aa948854b1037b351e9767d97a0698e16eb4e4c7f5d8b2089162e3a690e24c90dc745ebfc
SSDEEP

49152:QrwrvdfLgyjRQxYQoGS9zJTI9i+iiAghm4MfPkwk6DlfX+KWF4evK+NZf8iCNcxm:oEUYB+ii/w1swk6D8KuTPz19cSCwC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
19677c8fc089e1b9dbc091cd3c2a434e_JaffaCakes118

Files

19677c8fc089e1b9dbc091cd3c2a434e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a52150260066d3d1529c887a65617b97

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
WriteFile
LockResource
LoadResource
FindResourceA
CloseHandle
SizeofResource
WaitForSingleObject
lstrlenA
DeleteFileA
lstrcatA
lstrcpyA
GetModuleHandleA
GetCommandLineA
FreeResource
CreateProcessA
GetTempFileNameA
GetTempPathA
lstrcmpiA

user32

LoadStringA
MessageBoxA

advapi32

RegCloseKey
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA

Sections

.text
Size: 4KB - Virtual size: 897B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 740B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4.6MB - Virtual size: 4.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ