787499e8bd00f628ea672fc86dcec433_JaffaCakes118 | Triage

Sharing

General

Target

787499e8bd00f628ea672fc86dcec433_JaffaCakes118
Size

532KB
MD5

787499e8bd00f628ea672fc86dcec433
SHA1

cca3dc8d83fd1ef03885595f60945d34a043df2c
SHA256

b25cf24cace53868b30e8505dd3d70049f574c98d0c429bdf08cdf1f540ad350
SHA512

9abdfb8a8965bef2aeba2b07aba538ba66c0c1ba01dd814e0240d1c385b64b5f47be96100dedfce3e0f149841c392c8bb54e297ef66ba36d0249cbce3d38db1b
SSDEEP

3072:rJB08sUx5op2N8Y/RDZI3rU4Lw6hDlhSYEm+tmaPDUnIcKDyMny:rJep2NN/oYt6hLSYUtXPCIcKDvny

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
787499e8bd00f628ea672fc86dcec433_JaffaCakes118

Files

787499e8bd00f628ea672fc86dcec433_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2b96b64a111f3170b6a721052c5bc2e8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegFlushKey
RegCreateKeyW
RegOpenKeyExA
RegLoadKeyW
RegOpenKeyExW
RegCreateKeyExW

kernel32

FreeResource
ReadFile
GetCommandLineA
CreateDirectoryA
GetLastError
lstrcatA
FlushFileBuffers
CompareStringA
OpenFileMappingA
lstrlenA
FindClose
ExitThread
CopyFileA
GetCPInfo
CopyFileExA
FormatMessageA
HeapAlloc
GetFileType
OpenFile
DeleteFileA
HeapFree

user32

CopyImage
GetScrollInfo
CloseWindow
IsMenu
GetWindowTextA
IsWindow
CreateIcon
DrawTextA

Sections

.4e1g
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.hc489
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.b42b
Size: 487KB - Virtual size: 487KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.69b7
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ