6553e3e00f19543b766bd35faa0f461d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6553e3e00f19543b766bd35faa0f461d_JaffaCakes118
Size

96KB
MD5

6553e3e00f19543b766bd35faa0f461d
SHA1

717d71d221a352847836b96f4c00cead4241b636
SHA256

489160af2ab6bf2a4e335669b3714e8f8782a6af13bd40f24ef97ff8e7de9f07
SHA512

dc134936cbc33bf925f37652acb9774db38ddf73807672e453f11169378a8a355aed71ed6fc9cede5626b13de356c186722d18879fa85067fac78f6ad946d7c4
SSDEEP

384:5xYJ7ACEZdbS30lwgn71/COYBsf1LttkE+zIfwkcsf/4yTX9DVV3qtfUjpE0Wn:MJ7urw3i8EoIfUi/TtDKtsjpXs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6553e3e00f19543b766bd35faa0f461d_JaffaCakes118

Files

6553e3e00f19543b766bd35faa0f461d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6abc07f8725616ad05ce2e5b362c3952

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetModuleHandleA
GetLastError
SetLastError
GetProcAddress
Sleep
ExitProcess
GetCommandLineA
CreateThread
FreeLibrary
GlobalFree
CloseHandle
GlobalAlloc
GetStartupInfoA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyA

msvcrt

strlen
memset
_except_handler3
strcpy
strstr
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
strcat

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 908B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.srdata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE