Static task: static1
Behavioral task: behavioral1
Sample: 4dcf3ff4159f23932d422937e9173e70_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 4dcf3ff4159f23932d422937e9173e70_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 4dcf3ff4159f23932d422937e9173e70_JaffaCakes118
Size: 65KB
MD5: 4dcf3ff4159f23932d422937e9173e70
SHA1: 878759a29a2532fe0fdf4a21aedb6b54058a7cb4
SHA256: 32de86d80dc0816a9d5b85bdcf5d7c44339805e5fb305dee5be3db876eaa34fd
SHA512: 27187289a2b4a1d2f9b5e5a20c28a521893e92a5dca22b96a4f964b58be2f6be1c88713a654a63818c7a14b5486f237d08ee8fdce95f094410bdc35acd164563
SSDEEP: 1536:3pTr3+2c8bB8yaGJDk/eWPkd4cSEpDeidUHPhMnPmR:1u2PbypeWPkuc3pDeiw3R
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4dcf3ff4159f23932d422937e9173e70_JaffaCakes118
Files
4dcf3ff4159f23932d422937e9173e70_JaffaCakes118.exe windows:4 windows x86 arch:x86
eead284b583064d5eed3b7c35087a84f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
GetModuleHandleA
GlobalAlloc
GlobalFree
FreeLibrary
CreateFileA
GetLastError
SetLastError
Sleep
ExitProcess
GetModuleFileNameA
GetFileSize
ReadFile
LoadLibraryA
CloseHandle
GetStartupInfoA
advapi32
RegQueryValueExA
RegCloseKey
RegOpenKeyA
msvcrt
realloc
free
strlen
strcat
strcmp
_except_handler3
strcpy
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
memset
Sections
.text Size: 12KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE