Static task: static1
Behavioral task: behavioral1
  Sample: 85e7c3d75f2f0042f2fcf59edb55b4f3_JaffaCakes118.exe
  Resource: win7-20240705-en
Behavioral task: behavioral2
  Sample: 85e7c3d75f2f0042f2fcf59edb55b4f3_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
General
Target: 85e7c3d75f2f0042f2fcf59edb55b4f3_JaffaCakes118
Size: 20KB
MD5: 85e7c3d75f2f0042f2fcf59edb55b4f3
SHA1: 879c799144d52b3d4599c6b93cd4f68746d45df0
SHA256: a4620da7228c594c71199d2d42e3319b3ca6373eaf022528aecf63a3323ebbdf
SHA512: 20c0552f526c5dac50072eec409c4248dfb858f5c66f47efd7dfb44f3868345f76bac4ab9c71c981370f3b9c90f6f8c54adab33ef0f17ee8914960bdf0468599
SSDEEP: 96:V4TireJI5chwSjNW61MzUJdAJtyyana56IXaCX2p4h+S2xtWQX90Qd67:+TirSIGppPMQJdetyyaa56UXyIB2yQO
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 85e7c3d75f2f0042f2fcf59edb55b4f3_JaffaCakes118
Files
85e7c3d75f2f0042f2fcf59edb55b4f3_JaffaCakes118.exe windows:4 windows x86 arch:x86
b14220dabe7aae7da48b19f3ec8f31a7
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32: GetKeyboardLayout, GetDoubleClickTime
shell32: ShellExecuteA
shlwapi: StrStrIA
kernel32: CloseHandle, ExitProcess, GetCommandLineA, GetModuleFileNameA, GetModuleHandleA, Sleep, lstrcatA, lstrcpyA
advapi32: RegCreateKeyExA, RegSetValueExA, RegOpenKeyExA, RegCloseKey
urlmon: CoInternetCompareUrl
comctl32: GetMUILanguage
Sections
.text Size: 3KB - Virtual size: 3KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.rdata Size: 748B - Virtual size: 748B
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 3KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rsrc Size: 552B - Virtual size: 552B
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE