5c41fb5167e21e020e8f4374b7407b0e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5c41fb5167e21e020e8f4374b7407b0e_JaffaCakes118
Size

24KB
MD5

5c41fb5167e21e020e8f4374b7407b0e
SHA1

6fe0036b2d1e3157d07001ada1acb1774d1d0dc6
SHA256

8f4b381ed717351b1082c3116d2b4d0959b8781de94930efafc843453dac7f1a
SHA512

f83451c0d98b0d01078a1948b6f9cd149d61679e8bdf1db90fb56137fba4ef782ec9c2a5c84004f1d78fbba0dc664bcf41910ee75517d15f80376f81a3d9bfd3
SSDEEP

192:LFOz//oJmVFJ+cUbHa+zsrHWpwKSbIGpf7Uu50QnEziBOA8qzW:ZW//r+cU+iP4UumQnEAOA7W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5c41fb5167e21e020e8f4374b7407b0e_JaffaCakes118

Files

5c41fb5167e21e020e8f4374b7407b0e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5715cb5c545f97220dcf6fd596ae3744

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyA
Sleep
FreeLibrary
GetProcAddress
LoadLibraryA
GetLastError
SetFileAttributesA
WritePrivateProfileStringA
GetPrivateProfileIntA
CreateDirectoryA
DeleteFileA
GetSystemDirectoryA
GetModuleFileNameA
CopyFileA
WinExec
GetPrivateProfileStringA
lstrlenA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCloseKey
RegEnumKeyExA

shell32

SHGetSpecialFolderPathA
ShellExecuteA

wininet

InternetCloseHandle
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
InternetConnectA
FindFirstUrlCacheEntryA
FindNextUrlCacheEntryA
DeleteUrlCacheEntry
FindCloseUrlCache
InternetOpenA
InternetReadFile

msvcrt

fgets
strrchr
strchr
sprintf
sscanf
??3@YAXPAX@Z
??2@YAPAXI@Z
strstr
fopen
fclose
fread
fwrite
strncmp

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 464B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ