Static task: static1
Behavioral task: behavioral1
  Sample: 6034270be485c79072fead45decde7f2_JaffaCakes118.exe
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: 6034270be485c79072fead45decde7f2_JaffaCakes118.exe
  Resource: win10v2004-20240709-en
General
Target: 6034270be485c79072fead45decde7f2_JaffaCakes118
Size: 7KB
MD5: 6034270be485c79072fead45decde7f2
SHA1: 7f02eecb93223915c39d3f8e5ed9850c5f3a8d38
SHA256: 5d654be22aa0ec57ea28a3eea829fd6fec8c34631c45a98548024aade5931985
SHA512: 45119e59e8ef2d494cc364fcf63fab00d25a9ca793990b35662de45b9860d362dada5edb02c018f07b49c672fa2e6e69090c68762ffc021bd43fa732e7a66d3b
SSDEEP: 96:So3lS6637ljAnWO8dmrH1Zp4WKPJv9yEJKxMJcAhuo4gpLBab:F3rulReTj5gJ0scAUUpc
Malware Config
Signatures
Unsigned PE: 1 IoC
  Checks for missing Authenticode signature.
  Resource: 6034270be485c79072fead45decde7f2_JaffaCakes118
Files
6034270be485c79072fead45decde7f2_JaffaCakes118.exe windows:4 windows x86 arch:x86
6d3c833e1d6bd226ecf684322efd1534
Headers
File Characteristics
  IMAGE_FILE_RELOCS_STRIPPED
  IMAGE_FILE_EXECUTABLE_IMAGE
  IMAGE_FILE_LINE_NUMS_STRIPPED
  IMAGE_FILE_LOCAL_SYMS_STRIPPED
  IMAGE_FILE_32BIT_MACHINE
Imports
user32
  wsprintfA
kernel32
  DeleteFileA
  ExitProcess
  GetLocaleInfoA
  GetModuleFileNameA
  GetProcessHeap
  GetShortPathNameA
  GetTempPathA
  GetVersion
  GetVersionExA
  CreateProcessA
  HeapAlloc
  HeapFree
  Sleep
  WriteFile
  lstrcatA
  lstrcmpA
  lstrcpyA
  CreateMutexA
  CreateFileA
  CloseHandle
  GetLastError
  GetWindowsDirectoryA
  lstrlenA
  GetCommandLineA
  GetEnvironmentVariableA
advapi32
  RegCreateKeyExA
  RegCloseKey
  GetUserNameA
  RegSetValueExA
shell32
  ShellExecuteA
wininet
  HttpOpenRequestA
  HttpQueryInfoA
  HttpSendRequestA
  InternetCloseHandle
  InternetConnectA
  InternetOpenA
  InternetQueryDataAvailable
  InternetReadFile
Sections
.text Size: 4KB - Virtual size: 3KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 3KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE