Static task
static1
Behavioral task
behavioral1
Sample
231a1301c28417881305404ac001242f_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
231a1301c28417881305404ac001242f_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
-
Target
231a1301c28417881305404ac001242f_JaffaCakes118
-
Size
21KB
-
MD5
231a1301c28417881305404ac001242f
-
SHA1
9c4193fa2570b0dba8ef76190efef8034526db47
-
SHA256
ec3f876ebef5f781d4743315ec02e6f796927cf0ac761b7a4005ccd5a09dbfd7
-
SHA512
1d0a30e9486ad774799d5b2882a7af570b0bc829206fcad88e0c82dfe8976c194aaeb26533ffb651f287f8c89abd483e97333bf07e46269813bfb0b516a381ca
-
SSDEEP
384:DS5D5BZmPShvah1aaW/8AoWstmwU7unX9CZWxzt1DxWfymWSj:25FjmaJaf9AWEuNLRr
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Static check for a missing Authenticode signature: the file listed below is not signed.
resource 231a1301c28417881305404ac001242f_JaffaCakes118
Files
-
231a1301c28417881305404ac001242f_JaffaCakes118.exe windows:4 windows x86 arch:x86
d95cc72ce662482e331fe6c14ee3432d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CopyFileA
GetTempPathA
GetSystemDirectoryA
GetModuleFileNameA
GetSystemTime
Sleep
GetPrivateProfileStringA
MoveFileExA
SetFileAttributesA
GetWindowsDirectoryA
FreeLibrary
GetTempFileNameA
LoadLibraryA
WritePrivateProfileStringA
GetProcAddress
GetStartupInfoA
GetModuleHandleA
advapi32
RegSetValueExA
RegCloseKey
RegCreateKeyA
msvcrt
atoi
sprintf
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_stricmp
_except_handler3
strrchr
_itoa
shlwapi
PathAppendA
wininet
InternetReadFile
Sections
.code Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 992B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE