7679aa1f4a6ce030075455e1733ba3c9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7679aa1f4a6ce030075455e1733ba3c9_JaffaCakes118
Size

578KB
MD5

7679aa1f4a6ce030075455e1733ba3c9
SHA1

4c7c76a385d7c6d291e5fffb9b4cd0dc8735d77b
SHA256

c2463d493c6dd9f9bbe21ba219c5130feef64fe20948e2be996675abd87e6913
SHA512

8927ebdc5f05a8c5540b611b9150cf1d6c0ae00277027bb0815921f6f1c3b25e9bd92792eb8f7911129e67cfd169f0537109a6c3f4c8408cde55869f9c45d5fe
SSDEEP

12288:mYw9RZFcADad83lZpPLEMBSV0BHaRdrphv0wR3DnsF8u:+zT3DqaDpfBudlhvbFu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7679aa1f4a6ce030075455e1733ba3c9_JaffaCakes118

Files

7679aa1f4a6ce030075455e1733ba3c9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f8a2e8031419e819620bf8f4791da251

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\b\slaves\release\src\chrome\Release\mini_installer.pdb

Imports

shlwapi

StrStrW

kernel32

CloseHandle
GetExitCodeProcess
WaitForSingleObject
CreateProcessW
CopyFileW
DeleteFileW
GetLastError
EnumResourceNamesW
LocalFree
lstrcatW
GetModuleFileNameW
GetCommandLineW
CreateDirectoryW
lstrcmpiW
GetTempFileNameW
GetTempPathW
ExitProcess
GetModuleHandleW
FindResourceW
SizeofResource
WriteFile
CreateFileW
LockResource
LoadResource
lstrlenW
RemoveDirectoryW
GetLongPathNameW

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW

shell32

CommandLineToArgvW

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20.6MB - Virtual size: 20.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ