73fd2f0bff5b5bb67e70d78f84056a89_JaffaCakes118 | Triage

Sharing

General

Target

73fd2f0bff5b5bb67e70d78f84056a89_JaffaCakes118
Size

9KB
MD5

73fd2f0bff5b5bb67e70d78f84056a89
SHA1

e4cf88936a2203b76f4118bae79ec53361ebba7c
SHA256

554fdfd7880794046c55d68b6a798c4a6b237fd31095746cb1dac5401ada5168
SHA512

6859283bc44d86afe3eb6119eb8c4b0a9579b7965e0d5ceda74007e9ec84d603bc792930dfdb12eddc4cb68dda3a50cbc8c175010cd245b205574b3c87093474
SSDEEP

96:L7LIHxa5sWH7Uo5ZN6Vf5bfdz9fxmvZCRTQ5HiDpwe/gYxI9T3vsqz:LwsTQoMnfdzkne/gYxI9TkM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73fd2f0bff5b5bb67e70d78f84056a89_JaffaCakes118

Files

73fd2f0bff5b5bb67e70d78f84056a89_JaffaCakes118
.exe windows:4 windows x86 arch:x86

213471227bdad30b47634fdf6921b2c7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
CloseHandle
Sleep
WaitForSingleObject
CreateEventA
CreateFileA
GetProcAddress
LoadLibraryA
lstrcatA
lstrcpyA
GetLastError
HeapFree
GetProcessHeap
ExitThread
GetModuleFileNameA
GetFileType
CancelIo
HeapAlloc
GetCurrentProcess
FreeLibrary
lstrlenA
lstrcmpA
WaitForMultipleObjects
ResetEvent
CreateThread
SetEvent
CreateProcessA
WriteFile
GetSystemDirectoryA
SizeofResource
LoadResource
FindResourceA
Process32Next
Process32First
CreateToolhelp32Snapshot
LoadLibraryExA

user32

wsprintfA
ShowWindowAsync
CharUpperA

advapi32

RegCreateKeyExA
RegNotifyChangeKeyValue
RegSetValueExA
RegOpenKeyA
RegQueryValueExA
RegCloseKey

ole32

CoUninitialize
CoInitialize

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ