Static task
static1
Behavioral task
behavioral1
Sample
83dcd6a04c15b5ddbc5b4b6a209cd3a9_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
83dcd6a04c15b5ddbc5b4b6a209cd3a9_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
83dcd6a04c15b5ddbc5b4b6a209cd3a9_JaffaCakes118
-
Size
11KB
-
MD5
83dcd6a04c15b5ddbc5b4b6a209cd3a9
-
SHA1
b2c9d17831d83873f4eda6add6b6902cc0c0dc23
-
SHA256
0ce6664bf869f6262adcc2bea40b5e7430041c99b86730b4a0f1ded6c2af4b99
-
SHA512
e0f5ccb31b3347b512866b5fac0b57ce30e324818af4cab93f8e3e9b3aaec3a21e56140e931b14305883acfa8fef054773a71f50b61660542422e1de3a22d85b
-
SSDEEP
96:nPiel1zMc5nMvEzZ3cwMoMxrtb8ft9D2gJKKOtJyg4DMU+jLTNpOtJyg4D650w69:n7MczZ3cv7tYF9DyvKDqhEKD6+9
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Flags PE files that carry no Authenticode signature; this describes the analysis check, not an action taken by the sample.
resource 83dcd6a04c15b5ddbc5b4b6a209cd3a9_JaffaCakes118
Files
-
83dcd6a04c15b5ddbc5b4b6a209cd3a9_JaffaCakes118.exe windows:1 windows x86 arch:x86
0d13896bd90a532994013e72bd1f8ec0
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
kernel32
FindResourceA
ExitProcess
ReadFile
CreateFileA
GetModuleFileNameA
GetSystemDirectoryA
LoadResource
SetEvent
CloseHandle
GetFileSize
SetFilePointer
SizeofResource
Sleep
WriteFile
lstrcatA
lstrlenA
OpenEventA
advapi32
RegSetValueExA
RegCreateKeyExA
RegCloseKey
user32
wsprintfA
shell32
ShellExecuteA
Sections
CODE Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
DATA Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 53KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ