439a67ee875c8bbc342ac4bad4f9f640_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

439a67ee875c8bbc342ac4bad4f9f640_JaffaCakes118
Size

108KB
MD5

439a67ee875c8bbc342ac4bad4f9f640
SHA1

380f69fcd31e5d4d53fa787b735475f3a26c1cfe
SHA256

d9a6cae30ee64eadc577d707b83865c41923e230c01e03af01981cd33eeebcc1
SHA512

33f65e4fbff10a3cd8efd612d4c208bc132d0bd0428884131028347afa8d75e445d1ef6cb0f509963feb1f132a081881e9c7ef9780873948166660e873bcb55f
SSDEEP

3072:ScCJ86msw58vLz5FLz3iYEFHVUef24HWAbElAD1:Sce8Nr2Lzn3iYEVVUef24HWAkAD1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
439a67ee875c8bbc342ac4bad4f9f640_JaffaCakes118

Files

439a67ee875c8bbc342ac4bad4f9f640_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a1ae6aab0f288c247ac9623adbd6e40d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
LoadLibraryExA
GetFileType
FileTimeToLocalFileTime
CreateFileA
SystemTimeToFileTime
OpenProcess
GetLocaleInfoA
FileTimeToSystemTime
SetFilePointer
GetModuleHandleA
LoadLibraryA
SetEndOfFile
CloseHandle
GetCurrentDirectoryA
GetLastError
GetSystemTimeAsFileTime
TerminateProcess
ReadFile
FreeLibrary
FlushFileBuffers

user32

GetSystemMetrics
SetTimer
KillTimer

advapi32

RegCloseKey
RegSetValueExA
RegDeleteKeyA
RegEnumKeyExA
RegDeleteValueA
RegQueryInfoKeyA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA

ole32

CoTaskMemFree
CoTaskMemAlloc

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ