29457bd7a95e11bfd0e614a6e237a344_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

29457bd7a95e11bfd0e614a6e237a344_JaffaCakes118
Size

29KB
MD5

29457bd7a95e11bfd0e614a6e237a344
SHA1

fef430aefe7f10d82e8ddb405c89e09877c22ed4
SHA256

09dce3b424d8e64c23d9fe520f1419b84c5993bc07e6769a097b4c08ac01f81c
SHA512

f7dc9030a2292ea43891ca146515cc488f9f220330c2307a261836a6ba627a39c50b4bc2b88685507cc176e41308375f56cdcaba5d7cab56c3b4c21d3d6658e5
SSDEEP

384:hmpXkhJ8sDpwpNSnxDQt7B1N3df02Q+xnF8Ti7rB+A3PguKJm0VJlc/:keJnDpwpknm5N3yAFO8+0gu2m4Jlc/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29457bd7a95e11bfd0e614a6e237a344_JaffaCakes118

Files

29457bd7a95e11bfd0e614a6e237a344_JaffaCakes118
.exe windows:4 windows x86 arch:x86

965ac668e58b7006f2c1ec437101771d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCPInfo
GetModuleFileNameA
GetStringTypeW
lstrcpynW
GetCurrentProcess
lstrcpynA
LCMapStringW
GetStartupInfoA
SetHandleCount
GetACP
GetStringTypeA
GetFileType
GetOEMCP
GetVersion
WriteFile
lstrcpyA
SetFilePointer
MultiByteToWideChar
lstrcatA
GetCommandLineA
GetStdHandle
CreateFileA

user32

CopyImage
InsertMenuA
EndDialog
DrawIconEx
IsWindow
LoadMenuA
CopyRect
DrawTextA

advapi32

RegEnumKeyExA
RegOpenKeyA
RegQueryValueExW
RegQueryValueA
RegCreateKeyA
RegDeleteKeyW
RegEnumKeyW
RegOpenKeyW

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ