Static task
static1
Behavioral task
behavioral1
Sample
75b1b871d203cd7c0e1c454fca68b0a3_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
75b1b871d203cd7c0e1c454fca68b0a3_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
75b1b871d203cd7c0e1c454fca68b0a3_JaffaCakes118
-
Size
7KB
-
MD5
75b1b871d203cd7c0e1c454fca68b0a3
-
SHA1
297d172817694be54dd9431aa97bc5dc2f99c8c5
-
SHA256
0bd2085d0cc0f8b27591f77ab5ffc45ca276032546a2d4befe26ac22d2f48b07
-
SHA512
52fd8d8338f9ae031a7c16ef125a30582c194477a6b5ef2c3014e8007d4c952317d072b582e596300f24834ae721a4d224c0a6c10fd9a89496cc1cd06d5a415a
-
SSDEEP
96:5/Ia2y4mtgyEhbY5wMYaVWxFUknD8uycpe3kXW/7JGjUN4VqA:KMmjhbY5wMxV0Oko3cI3kQ7G3
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Sandbox static check: the PE file has no Authenticode signature.
resource 75b1b871d203cd7c0e1c454fca68b0a3_JaffaCakes118
Files
-
75b1b871d203cd7c0e1c454fca68b0a3_JaffaCakes118.exe windows:4 windows x86 arch:x86
a2750caee9aac1f12a0137ed01f02dcf
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateFileA
DeleteFileA
ExitProcess
GetCurrentDirectoryA
GetFileSize
GetModuleFileNameA
GetProcessHeap
GetTempPathA
HeapAlloc
HeapFree
ReadFile
CopyFileA
SetFilePointer
WinExec
WriteFile
_lclose
_llseek
_lopen
_lread
lstrcatA
lstrcmpiA
lstrcpyA
lstrlenA
CloseHandle
RtlZeroMemory
shell32
ShellExecuteA
advapi32
RegSetValueExA
RegOpenKeyExA
RegCloseKey
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 1024B - Virtual size: 794B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE