88dc9439ccd136798ed8afc0f3a633ab_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

88dc9439ccd136798ed8afc0f3a633ab_JaffaCakes118
Size

11KB
MD5

88dc9439ccd136798ed8afc0f3a633ab
SHA1

ee8289b41b239092699494a194be1bf46e9a5869
SHA256

d15e54158a41e18267bc4be5ec5abd66e188c2ba4c1f301fbce150f033a5766c
SHA512

1d6077d51385eef0fbfe9a0f7537fb4252a7e5e873b76c5cf348ac9f9764b1fab5294bc4a61fb7d75d9307bedd3659e443bd00e6d279c1658d506c4802746946
SSDEEP

96:pMirCt7xYwBAx9Vsj8yiw4pzTokHJbrZgPihYeWETOVWplXb8vfs3x02R4rW4xPg:9a7OClCRD/r/XEB5wLDGs5E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
88dc9439ccd136798ed8afc0f3a633ab_JaffaCakes118

Files

88dc9439ccd136798ed8afc0f3a633ab_JaffaCakes118
.exe windows:4 windows x86 arch:x86

92d7a1217103f0f2e5da57c41b8076b1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDoubleClickTime

shell32

ShellExecuteA

shlwapi

StrStrA
StrStrIA

kernel32

lstrcpyA
lstrcatA
CloseHandle
ExitProcess
GetCommandLineA
GetModuleHandleA
GetProcAddress
GetVersion
LoadLibraryA

advapi32

RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 624B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE