59d0c4785076aeb97fc9c8b8e92f676e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

59d0c4785076aeb97fc9c8b8e92f676e_JaffaCakes118
Size

3KB
MD5

59d0c4785076aeb97fc9c8b8e92f676e
SHA1

75e31430da34aec16f35107ffa9470e3c61b668b
SHA256

64b7648e0009b1e6ea5dab1d196c0c9c3201cfd0d6b71e7ebd793c932e7ce2d3
SHA512

5d5ad79751bbac74ef767f39cbe419016ae04ab0257de70efbd89c242799ba12846de624ee523e7e816ac4ca296aaace85b1dd8927850b10b4b7f0a0011f4b96

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
59d0c4785076aeb97fc9c8b8e92f676e_JaffaCakes118

Files

59d0c4785076aeb97fc9c8b8e92f676e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a0c85653e262fd9275e40db51a9b11e5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateToolhelp32Snapshot
ExitProcess
GetWindowsDirectoryA
OpenProcess
Process32First
Process32Next
CreateFileA
TerminateProcess
WinExec
WriteFile
lstrcatA
lstrcmpiA
lstrlenA
CloseHandle
Sleep

advapi32

RegSetValueExA
RegCloseKey
RegCreateKeyExA

Sections

.text
Size: 1024B - Virtual size: 714B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 538B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE