728ed56f4ada424d96229451fd9c24be_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

728ed56f4ada424d96229451fd9c24be_JaffaCakes118
Size

24KB
MD5

728ed56f4ada424d96229451fd9c24be
SHA1

82cfa0c0fd92c9dafafe0bffdf7382ded26d6df5
SHA256

6224910f6d8738b8c5390013b1177ae46db9610fecc82da442e95d3e94f67a28
SHA512

35b5a4eff3c5590980caf99427dc3e00fa1041461f3e391c0b0b78350bc7ba6926f0b290a1307461d4156dca1288d8548294956d1984e0cc4de76cdba5ca69b5
SSDEEP

192:KpsOFO2lB1KVAlxCpidMG5WPHY68Uc5he+1tjylt6GuGe5rx/V5vPwjoL/v:KpNrBc6dMYubxMNrxPvPwjo7v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
728ed56f4ada424d96229451fd9c24be_JaffaCakes118

Files

728ed56f4ada424d96229451fd9c24be_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e0192669b6a41d1f64b60fb40967e6f4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
LoadLibraryA
FreeLibrary
DeleteFileA
GetCurrentProcess
CloseHandle
SetEvent
GetModuleHandleA
WriteFile
GetModuleHandleW
GetProcAddress
VirtualQuery
ExitProcess
GetCommandLineA
OpenProcess
GetShortPathNameA
GetEnvironmentVariableA
SetProcessPriorityBoost
SetThreadPriority
GetCurrentThread
SetPriorityClass
lstrcatA
lstrcpyA
TerminateProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
HeapFree
HeapAlloc
VirtualAlloc
HeapReAlloc
RtlUnwind
InterlockedExchange

user32

CharUpperA
MessageBoxA
ExitWindowsEx
wsprintfA
PeekMessageA

advapi32

RegOpenKeyExA
RegEnumKeyA
RegDeleteKeyA
RegSetValueExA
RegOpenKeyA
RegQueryValueExA
RegCloseKey
OpenProcessToken
RegOpenKeyW
RegCreateKeyW
LookupPrivilegeValueA

shell32

ShellExecuteExA

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE