61e7192b259e7bc34ee619b2b03226bf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

61e7192b259e7bc34ee619b2b03226bf_JaffaCakes118
Size

20KB
MD5

61e7192b259e7bc34ee619b2b03226bf
SHA1

d6640f255e6d6ae157304470432ba3408f095408
SHA256

19aea8e915c40edbb8c02e4637435f36bc5742d2d142e11e886f8cc9c9da33cf
SHA512

96a969a1b1afe53a6779ca474983d69a422990e7d7e88e27efbdf07f0ed59f59f8287fe5c41cf49c347775276d05af1b2c07024112babe2256f03056a34a3a92
SSDEEP

192:BkWrel1iRxsXLW8s7ADt6fA//0cEh1hCgqo/QRUDrErzYUFrNS:Bdal0IXzs7ADQAn0rLC+ErzYUjS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
61e7192b259e7bc34ee619b2b03226bf_JaffaCakes118

Files

61e7192b259e7bc34ee619b2b03226bf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

004bb8f32bab7f1fe51fa700e6ce3727

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LockResource
LoadResource
SizeofResource
FindResourceA
FreeLibrary
GetProcAddress
LoadLibraryExA
lstrcmpiA
DeleteFileA
SetFileAttributesA
lstrcatA
CopyFileA
GetModuleFileNameA
lstrcpyA
MoveFileA
GetShortPathNameA
CreateFileA
GetModuleHandleA
GetStartupInfoA
ExitProcess
GetCommandLineA
HeapAlloc
GetProcessHeap
HeapFree
GetLastError
SetLastError
GetSystemDirectoryA
GetCurrentDirectoryA
OpenFile
ReadFile
GetFileSize
WriteFile
CloseHandle
lstrlenA
CreateDirectoryA
EnumResourceNamesA
SetCurrentDirectoryA
GetWindowsDirectoryA
RemoveDirectoryA

user32

CharNextA
wsprintfA
MessageBoxA

advapi32

RegOpenKeyExA
RegCloseKey
RegDeleteKeyA
RegSetValueExA
RegDeleteValueA
RegCreateKeyExA
RegQueryValueExA

ole32

CoInitialize
CoUninitialize

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 324B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ