43a257a85ac6efb2f1efb4684357c686_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

43a257a85ac6efb2f1efb4684357c686_JaffaCakes118
Size

10KB
MD5

43a257a85ac6efb2f1efb4684357c686
SHA1

0200bf63f81eddcab2735547ec41f98d762abdf2
SHA256

41e5029ba963df5444834c053ad1cde91d49e5500069df76432df957c9bc76df
SHA512

40e097aad438a10ec0f48671d98d47dad1b7b27b710339716ba00a2eeda5e5f7957e6de065f7fa14140cc871f16e2c866772c694835bda177db0f3d8df1164b7
SSDEEP

96:Z5MQQ60RmqbQAPBX3YwOFPsWqBqjIUUxTxbp4hfSgnEH3+2nkP67:036imqb9B4wOFPFj0UMI6gEH3nk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43a257a85ac6efb2f1efb4684357c686_JaffaCakes118

Files

43a257a85ac6efb2f1efb4684357c686_JaffaCakes118
.exe windows:4 windows x86 arch:x86

67093985f7030479e6d7195a85ae5773

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDoubleClickTime

shell32

ShellExecuteA

shlwapi

StrStrIA

kernel32

CloseHandle
ExitProcess
GetCommandLineA
GetModuleFileNameA
GetModuleHandleA
GetTickCount
Sleep
lstrcatA
lstrcpyA

advapi32

RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegCloseKey

comctl32

GetMUILanguage

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 672B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE