86daaf26dfad869a9751cbddde1c14ee_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

86daaf26dfad869a9751cbddde1c14ee_JaffaCakes118
Size

74KB
MD5

86daaf26dfad869a9751cbddde1c14ee
SHA1

9fb9589015eddb630163fa824257ce5292cffe01
SHA256

bff0fb1c0eb61adafd235983adb8d8985f6225a89f5adf5fdf676f7b001bf3ed
SHA512

3beacdb1d4f101b65a06bc851c0822db4d78517be13c646f263db6f465609b1569c9e6c6097055261f1f66f2b2543a570f21e5adf4040a6b1d676b229b807167
SSDEEP

1536:UjvBI7kuQTg/b742IW2URnHTUzTYieupTLG0KHKRmd1y:Ujvpr6bMA2ggoktbp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
86daaf26dfad869a9751cbddde1c14ee_JaffaCakes118

Files

86daaf26dfad869a9751cbddde1c14ee_JaffaCakes118
.exe windows:5 windows x86 arch:x86

98b1ed969886aeed527d2862ed0723ec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringA
GetModuleFileNameA
LoadLibraryW
GetCurrentThread
GetEnvironmentVariableA
CreateFileW
FileTimeToSystemTime
ReadProcessMemory
GetModuleHandleA
OpenMutexW
VirtualAlloc
GetEnvironmentVariableW
SetLocalTime
GetTempPathA

untfs

Recover
Format
Extend
FormatEx
Chkdsk

advapi32

CreateServiceW
RegEnumKeyA
RegLoadKeyA
CryptSignHashW
ControlService
RegOpenKeyA
LogonUserA
RegDeleteValueW
RegCreateKeyExA
OpenEventLogA
StartServiceW
RegRestoreKeyW
RegUnLoadKeyW
RegReplaceKeyW

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.loop
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_MEM_WRITE