81f41fe58cf36b2b0d380847920def3c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

81f41fe58cf36b2b0d380847920def3c_JaffaCakes118
Size

88KB
MD5

81f41fe58cf36b2b0d380847920def3c
SHA1

082cb920bb2263d64f408c48419bf0196ecd280c
SHA256

d22e6beeddf5e943b292e8978a910f6bf85ba774fbee4e2ca2341c967366bc42
SHA512

04d927b80afd23e5f6f6ef189502b5eaba477a90f2c582f41b0f3a600b6d159a72f301281758fcb6e6997c659838defaa1872e62eac4ce071c57915c50f8c220
SSDEEP

768:Vk4qCnoCpPZLhGfCiOI33boX1SK/Qru0ifwodR:VkanoCpAO+oX1LQrBFoj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
81f41fe58cf36b2b0d380847920def3c_JaffaCakes118

Files

81f41fe58cf36b2b0d380847920def3c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

634ec28c4af43a818e9b07c013384cd1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSetValueExA
RegDeleteValueA
RegCreateKeyExA
RegOpenKeyExA
RegDeleteKeyA
RegCloseKey

kernel32

GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetModuleFileNameA
GetCommandLineA
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetLastError
GetProcAddress
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
FlushFileBuffers
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetFilePointer
SetStdHandle
CloseHandle

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ