84a86036d95139cc32653fedafe8d424_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

84a86036d95139cc32653fedafe8d424_JaffaCakes118
Size

40KB
MD5

84a86036d95139cc32653fedafe8d424
SHA1

e26f13b05c3a61d05d31486aef6d35da59ea30bb
SHA256

c08faba19a716d11a9f3c528a82595bc12f1fcf1af934a25be3543381ff243ff
SHA512

94b442141a58e7e14d46c6f4a3c74e5e7de9a9ef2968a37e316be8ec2de49168b0eb94441f12606b411b839f4cb66b7cd6079bebf35ff868c0b359157ce2b46c
SSDEEP

768:yvJ6msno64CGbZKUSkUOsnOANiCNHCNIGw38:S6m014CGoBlOs99HY9+8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
84a86036d95139cc32653fedafe8d424_JaffaCakes118

Files

84a86036d95139cc32653fedafe8d424_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4215bb6359161e9a8d05bd91a35fe8b0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SizeofResource
GetTempPathA
DeleteFileA
GetProcAddress
lstrcpyA
GetModuleHandleA
CloseHandle
ExitProcess
WriteFile
LoadResource
GetEnvironmentVariableA
LoadLibraryA
CreateFileA
CreateDirectoryA
WaitForSingleObject
FindResourceA
GetVersionExA
CreateProcessA
LockResource

setupapi

SetupIterateCabinetA

advapi32

RegQueryValueExA
RegSetValueExA
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA

user32

wsprintfA
MessageBoxA

Sections

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ