3464fb517f2b5f44090a6c181a479278_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3464fb517f2b5f44090a6c181a479278_JaffaCakes118
Size

24KB
MD5

3464fb517f2b5f44090a6c181a479278
SHA1

657556a68628d2a0d5d6006f15601f0a9f0fbbb3
SHA256

6950b9f4633e0fb92313dd9e8e7ebd2936d84f51c8f110d1ec3472528c621f27
SHA512

34314dae8634dad081866f4427484d059a2db2d61f7ba402ee79e34c41cc2b08e7f8213a052cebf46a25d51be70d1ec7a7e7c9653bd5389f9f749a749470e13a
SSDEEP

192:tTmGfSAvSNu7zS0rU5+riG3qsyE4UgMLO/vS5BfreyEZid45D:tTmOSOSNAzS0rU5+Geq3ei3S/fre8qN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3464fb517f2b5f44090a6c181a479278_JaffaCakes118

Files

3464fb517f2b5f44090a6c181a479278_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c36d8a52c772816563c7f802a02b47fa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

kernel32

GetModuleHandleA
LoadResource
MoveFileA
SetEnvironmentVariableA
SizeofResource
lstrcatA
FindResourceA
lstrcpyA
lstrlenA
CloseHandle
CreateFileA
FlushFileBuffers
WriteFile
ExpandEnvironmentStringsA
ExitProcess
lstrcmpiA

advapi32

RegQueryValueExA
RegCreateKeyExA
RegCloseKey
RegOpenKeyA

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 650B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ