784267e741df683d7ff79e495a42211a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

784267e741df683d7ff79e495a42211a_JaffaCakes118
Size

26KB
MD5

784267e741df683d7ff79e495a42211a
SHA1

9ccac6bbd9f750366d80e800e65dd47b3973836e
SHA256

c3562541b89145f45f95f0f27a2fc89dcf4b8ac019f7d0a2dfb182c9fe7ce5c1
SHA512

8cd98f1be90767d9e014d43534fe2c6d31065925b1168b26d5537c063b375baa26a80cf5b04cd59a5768afb4858297d56fa275c8ceccd915d85a152ac6d62be2
SSDEEP

192:gL1872TfrcVZS+v643+dH0dHRdHwdHPH1SdHB18Givpu111e/WnT3fvBR9cIz42v:gRTAv6G+qrmuJy0vBRh/HKK8K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
784267e741df683d7ff79e495a42211a_JaffaCakes118

Files

784267e741df683d7ff79e495a42211a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

82ed699d4cad81fb8bdc7c975915ad7a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
CreateMutexA
GetLastError
ExitProcess
CreateFileA
GetFileSize
GlobalAlloc
ReadFile
CloseHandle
GlobalFree
WriteFile
WinExec
GetSystemDirectoryA
GetWindowsDirectoryA
GetModuleFileNameA
OpenFile
FindFirstFileA
FindClose
FlushFileBuffers

advapi32

RegCreateKeyA
RegSetValueExA
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA

shell32

ShellExecuteA
SHGetSpecialFolderPathA

urlmon

URLDownloadToFileA

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE