4ced40a9f019a7263954c6e05a8247b9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4ced40a9f019a7263954c6e05a8247b9_JaffaCakes118
Size

5KB
MD5

4ced40a9f019a7263954c6e05a8247b9
SHA1

e7915ce3e9e421b600ec92d64384c8e99ca5f580
SHA256

06b3b507bbe95f6592b51486886e0c0076879cd71a5a7fa76e57dd333c792757
SHA512

39fddec90ed031fac71d57f4421dd31f80a233ad9924ab3fd8115b5756b666747f9303bf012674007eee9d85a13f77b6f307a166f8e5881b686f051eaddb0133
SSDEEP

96:u5y7iwO6G3DC/MecsXKIay04fOe4q4at+FRjah26:u5yADC/5eIay0xQWRH6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4ced40a9f019a7263954c6e05a8247b9_JaffaCakes118

Files

4ced40a9f019a7263954c6e05a8247b9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4b14067cfc69d37852c3f178517fa16f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyA
ReadFile
WriteFile
GetSystemDirectoryA
GetShortPathNameA
lstrlenA
ExitProcess
GetCommandLineA
lstrcatA
MultiByteToWideChar
DeleteFileA
CloseHandle
CreateFileA

ole32

CoInitialize
CoCreateInstance

advapi32

RegCloseKey
RegEnumKeyA
RegDeleteValueA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA

user32

wsprintfA

shell32

SHGetPathFromIDListA
SHGetSpecialFolderLocation

Sections

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE