714246ba28e53d2cc9f42922c8e10acb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

714246ba28e53d2cc9f42922c8e10acb_JaffaCakes118
Size

89KB
MD5

714246ba28e53d2cc9f42922c8e10acb
SHA1

781ee9e562e613969877702cbd3b1091d8ea5628
SHA256

cfcf6ca31d9ce0df284091e8e58a07c14ba54a26684b42c3a003592c13834a30
SHA512

1df4d7aa8341ea34ab283b23d45f3344d086921d3e893661099872b9b1e6964cd3892e286c48a1f16cac886b59b0e2fe809ca2727fd0cb1aa62629b7b7cafc75
SSDEEP

1536:weXBuz29MyJC2BLX6CaLa7ODd7kapqhj7QM3oySqEWjiS/dCvd9c6J5xdGEqvI:Fue4mNaL8OlXohjcMgtS/ic6JvM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
714246ba28e53d2cc9f42922c8e10acb_JaffaCakes118

Files

714246ba28e53d2cc9f42922c8e10acb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0e995686588eaa980ab55e307dc1ab47

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFullPathNameW
LocalFree
LocalAlloc
LoadLibraryA
GetShortPathNameW
GetModuleFileNameW
GetCurrentProcess
GetModuleHandleA
CloseHandle

advapi32

RegQueryValueExW
RegOpenKeyExW

msvcrt

wcslen
strlen
wcscat
wcscpy
memset
fclose
fwrite
_wfopen
swprintf
wcsrchr
sprintf
strcat
strcpy
??2@YAPAXI@Z
free
??3@YAXPAX@Z
malloc
exit
_wcsnicmp

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE