84b0238a8b30234c3ab81ea184adebd4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

84b0238a8b30234c3ab81ea184adebd4_JaffaCakes118
Size

6KB
MD5

84b0238a8b30234c3ab81ea184adebd4
SHA1

69027a32976a3b98cbfbfe074f5b3a510c42d0b6
SHA256

df627ddea6d058b78c40b1855d4e2de089db38972bf00ccd59223f8c48a4246f
SHA512

5b5ee76a5ad83d380591ca60ad77e9d7fa10ffb774f3d717f012400f8ca9f36555e68b39de4b3c98cfd0c6898fd34715e2755b09d4681c5a63a83d9d72908673
SSDEEP

96:R9DZj75XwF62zEqT2HhosHdVlLdVOry3v4IUDa+i1JeAFJpc:R5Zf5paEqSdHlLKyf47Da+CTm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
84b0238a8b30234c3ab81ea184adebd4_JaffaCakes118

Files

84b0238a8b30234c3ab81ea184adebd4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

812417b58d4de5637d7cdb661b745306

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
ReadFile
SetFilePointer
CreateFileA
GetModuleFileNameA
DeleteFileA
Sleep
GetTickCount
GetTempPathA
lstrlenA
LoadLibraryA
ExitProcess
CopyFileA
CreateDirectoryA
GetWindowsDirectoryA
GetLastError
CreateEventA
WriteFile
lstrcatA
lstrcpyA
CreateThread
GetProcAddress

user32

wsprintfA
MessageBoxA

advapi32

RegCloseKey

wininet

InternetOpenUrlA
InternetOpenA
InternetCloseHandle
InternetReadFile

shlwapi

PathRemoveFileSpecA

msvcrt

_access
_stricmp
_itoa
sprintf
strchr
fopen
fscanf
fclose
??2@YAPAXI@Z
??3@YAXPAX@Z

rpcrt4

UuidCreateSequential

Sections

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE