3cfb1ede09d33fb56a4bc80d65ce2c41_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3cfb1ede09d33fb56a4bc80d65ce2c41_JaffaCakes118
Size

5KB
MD5

3cfb1ede09d33fb56a4bc80d65ce2c41
SHA1

2091b52dd3a4160fb8778d00359263f48dd7f74c
SHA256

e4db615c23ea8c50bfec77ad3403c2ba520b52cd8d690b1db10b416bc9e9d49e
SHA512

c4057e543553606e2264c2552ade637b85ea81fa8d04a95ba0d58e853c45886339f973afe18c6d5ff62c68daa1e3c71bedb7b69ad6934ed2a911229b32f0e5de
SSDEEP

48:6F6/ssssq3EUIuVTcNEaHlL7k7Vxz/HC5tep+CnLwb0ZxCgdef6ag+C5Id00gRVC:C9TbFF/HC5M+kLNCgdT53UDK2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3cfb1ede09d33fb56a4bc80d65ce2c41_JaffaCakes118

Files

3cfb1ede09d33fb56a4bc80d65ce2c41_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bc477e29a91a612645e4225b56547897

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileSectionNamesA
Sleep
WritePrivateProfileStringA
lstrcatA
lstrlenA
ExitProcess
GetProcessHeap
HeapAlloc
lstrcpyA
HeapFree
GetVersionExA

user32

wsprintfA

advapi32

RegCreateKeyExA
RegQueryInfoKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegEnumKeyExA
RegSetValueExA

shell32

SHGetSpecialFolderPathA

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 482B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ