84afe34bc7e166ced82401ec315024ce_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

84afe34bc7e166ced82401ec315024ce_JaffaCakes118
Size

104KB
MD5

84afe34bc7e166ced82401ec315024ce
SHA1

79654ffe1d893f7a29f2438ebffee6b7e185643b
SHA256

3556a7a13fa09a17276fbd1cb52f4c11b2c7ae857753745165629c219e4e0878
SHA512

7f344178788173f92013f6b2f0429681dcc51a3fee93cfaa341386d9cf8931abf5485b6e32549cc66903e50a616484df955f6e6ce5eff5cb653d24434591692b
SSDEEP

3072:jftjp/+qSdeSYqvMTWDKUwmoG9j8+Beid:LtjpwgqvoArlO+Beid

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
84afe34bc7e166ced82401ec315024ce_JaffaCakes118

Files

84afe34bc7e166ced82401ec315024ce_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cf64356c6ba8cf2d69bd3efb09f5319a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAllocEx
GetWindowsDirectoryW
lstrcatW
CreateFileW
DosDateTimeToFileTime
GetWindowsDirectoryA
lstrcatA
CreateFileA

advapi32

RegOpenKeyA

Sections

.data
Size: 512B - Virtual size: 748B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 263KB - Virtual size: 262KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ