8c6088c7a0dafc911a00a2b82954fea9_JaffaCakes118 | Triage

Sharing

General

Target

8c6088c7a0dafc911a00a2b82954fea9_JaffaCakes118
Size

3KB
MD5

8c6088c7a0dafc911a00a2b82954fea9
SHA1

e0c61c84cbc955365bcab883eec0261495c29ff0
SHA256

468923cc573dd6c8101d1b1c8bd9ef177b2466bddaff6d94f85d0a592d77bf34
SHA512

369e4380a84b5ebf55903c4b48bdc91fa6b8d993f3212bd9835994e36bfef8dc28608a5b280c0cdbb9100f0e77ad608cbd59318a11ba9c3dc2c43136d6cf83cc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c6088c7a0dafc911a00a2b82954fea9_JaffaCakes118

Files

8c6088c7a0dafc911a00a2b82954fea9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4159a86083502cf1c324e288867647b3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetTempFileNameA
GetTempPathA
OpenProcess
Process32First
Process32Next
RtlZeroMemory
GetModuleFileNameA
Sleep
TerminateProcess
WinExec
WriteFile
lstrcmpiA
lstrlenA
ExitProcess
DeleteFileA
CreateToolhelp32Snapshot
CreateFileA
SetFilePointer
CloseHandle

advapi32

RegOpenKeyExA
RegOpenKeyA
RegDeleteValueA
RegCloseKey
RegQueryValueExA

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ