21b8490fd002aa039bf54a1c6f510da0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

21b8490fd002aa039bf54a1c6f510da0_JaffaCakes118
Size

11KB
MD5

21b8490fd002aa039bf54a1c6f510da0
SHA1

f0a365cffc48b2db0c35de30a618c883cfabafd9
SHA256

447929376470b7915c2ede530ee17e41666a5397dcb05af95ddc96e782a99259
SHA512

886a521b4dcd0e2bb1b949deaa46471da9c47b6bf3cedecd896961d9df506b0c2c1ad423029fce17ddf6df4c6261604197b2e7895211b4d3102210ef7d7d3b62
SSDEEP

192:7qhuLlt2Cu53a5v9V7BjKhDoxWuB5WuX5FZwuSJLo4eKH:CuLZxdeAWuBQgvZ4JKo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
21b8490fd002aa039bf54a1c6f510da0_JaffaCakes118

Files

21b8490fd002aa039bf54a1c6f510da0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

167805aefc05901449ca027fc72fc591

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

crtdll

memset
strlen
memcpy
strcpy
strcat
_stricmp
sprintf
memcmp
atoi

kernel32

GetModuleHandleA
HeapCreate
GetSystemDirectoryA
GetCurrentProcessId
HeapDestroy
ExitProcess
EnterCriticalSection
WaitForSingleObject
LeaveCriticalSection
InitializeCriticalSection
CloseHandle
DeleteCriticalSection
CreateThread
Sleep
HeapAlloc
GetCurrentProcess
DuplicateHandle
CreatePipe
GetStdHandle
CreateProcessA
HeapFree
TerminateProcess
PeekNamedPipe
DeleteFileA
CreateFileA
SetFilePointer
SetEndOfFile
WriteFile
GetFileSize
ReadFile
HeapReAlloc

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

shell32

ShellExecuteExA

Sections

.code
Size: 1024B - Virtual size: 982B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.flat
Size: 512B - Virtual size: 7B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE