48df8d38feffb0d53abb70661377d5c4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

48df8d38feffb0d53abb70661377d5c4_JaffaCakes118
Size

28KB
MD5

48df8d38feffb0d53abb70661377d5c4
SHA1

03792017f3f837ab3730066cac206990d342bc99
SHA256

1c581b63ecf0989b70cb7e562ecb3af8d001393f0c901c30108f1fbfa15d1a5e
SHA512

67b43466f91015ea6e8c08b36dc2b3dd839f1d62ee09ffd8929fbbd4ed00da1d767c9191bf7cb5897c0093aa387d282af7c4e189cb3c108f4b593e37d7aee9b8
SSDEEP

192:9nU0IhhNciBTZ4W8S/N/12cj4BYTskFl9AT84+tI:4hhSA47I12u4BYaTK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
48df8d38feffb0d53abb70661377d5c4_JaffaCakes118

Files

48df8d38feffb0d53abb70661377d5c4_JaffaCakes118
.exe windows:1 windows x86 arch:x86

a27b518ede9da687d1dd191dc7d5d3e6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

MessageBoxA
wsprintfA

kernel32

CreateFileA
GetSystemDirectoryA
LoadResource
FindResourceA
GetModuleFileNameA
SetFilePointer
lstrcatA
GetTempPathA
GetFileSize
ExitProcess
ReadFile
SetEvent
CloseHandle
SizeofResource
Sleep
WriteFile
OpenEventA
lstrlenA

shell32

ShellExecuteA

advapi32

RegSetValueExA
RegEnumValueA
RegDeleteValueA
RegCreateKeyExA
RegCloseKey

Sections

.avx��
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE