696a46effd95e1837a067ff661fc6bea_JaffaCakes118 | Triage

Sharing

General

Target

696a46effd95e1837a067ff661fc6bea_JaffaCakes118
Size

8KB
MD5

696a46effd95e1837a067ff661fc6bea
SHA1

08a702c528fd88468230fd26077e25b0705e4970
SHA256

4ee8b727898c4fa9a61694a6b100c4818c43129a2fb5b7cf818dbac0704bcd79
SHA512

7128536c879504ce5c8e12f174c0fad546d053a15f5e669144108958992709408ce7a9f14d697db6e2a1ef743bd3b3f4e2947076925a8bb57b65421da57ee90d
SSDEEP

192:F8u97GkyUzwcof40y5fcwKkN3l1aS9GdZkjF8:iGryUzwXw3lZNV1aS9GeO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
696a46effd95e1837a067ff661fc6bea_JaffaCakes118

Files

696a46effd95e1837a067ff661fc6bea_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d6514684f03dab6dfce881b14fa35648

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
strcmp
memmove
strlen
strcpy
strcat
strncpy

kernel32

GetModuleHandleA
HeapCreate
GetEnvironmentVariableA
GetCurrentDirectoryA
GetModuleFileNameA
HeapDestroy
ExitProcess
InitializeCriticalSection
GetCurrentProcess
DuplicateHandle
CloseHandle
CreatePipe
GetStdHandle
HeapAlloc
CreateProcessA
WaitForSingleObject
EnterCriticalSection
LeaveCriticalSection
HeapFree
LoadLibraryA
GetProcAddress
FreeLibrary
SetFileAttributesA
HeapReAlloc

advapi32

RegCreateKeyExA
RegSetValueExA
RegCloseKey

shell32

ShellExecuteExA

Sections

.code
Size: 1024B - Virtual size: 892B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 700B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ