7914a994bce19a7db0acfdc50bcd4eb5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7914a994bce19a7db0acfdc50bcd4eb5_JaffaCakes118
Size

45KB
MD5

7914a994bce19a7db0acfdc50bcd4eb5
SHA1

016a79d76bc2bced888000ac268acd8a8d0334a9
SHA256

2a79209f8408f26734cf8627a48bce9b8c5b1a2feb58378ad06b2b5584997edb
SHA512

01cc200f895810c697a83e1a366a29cce0a52617575bf7ade33361eb6ceb57cc27d9356d1e5358aa35ccf7638194cbc95d75d65f4fee41bad7a53a6aa04553bb
SSDEEP

768:MevzavvULjxlP4cN7wsTQK+R0FJ1iLIGyG8iP5ixpysqbX:MevzysLjxlz1NnFJcL9y6hkpy7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/1.jpg .exe

Files

7914a994bce19a7db0acfdc50bcd4eb5_JaffaCakes118
.eml
email-plain-1.txt
photos.rar
.rar
1.jpg .exe
.exe windows:4 windows x86 arch:x86

1109263a12dbf34661b1c4aa865dc07a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

wsprintfA

kernel32

ReadFile
lstrlenA
CloseHandle
CopyFileA
CreateFileA
ExitProcess
FindClose
FindFirstFileA
FindNextFileA
FreeLibrary
GetModuleFileNameA
GetPrivateProfileIntA
GetPrivateProfileSectionNamesA
GetPrivateProfileStringA
GetProcAddress
GetVersionExA
GetVolumeInformationA
GetWindowsDirectoryA
LoadLibraryA
LocalAlloc
LocalFree
MultiByteToWideChar
lstrcpynA
SetFilePointer
Sleep
WideCharToMultiByte
WinExec
_lclose
_lcreat
_lwrite
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpyA

advapi32

RegCloseKey
RegCreateKeyA
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

shell32

SHGetSpecialFolderPathA

ole32

OleUninitialize
OleInitialize
CoTaskMemFree
CoCreateInstance
CoCreateGuid
StringFromCLSID

oleaut32

SafeArrayAccessData
SysFreeString
SysAllocString
SafeArrayUnaccessData
SafeArrayDestroy
SafeArrayCreateVector

Sections

.text
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
2.jpg
.jpg