8a5e9a39723e6ddc2f8011246dae4ac9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8a5e9a39723e6ddc2f8011246dae4ac9_JaffaCakes118
Size

14KB
MD5

8a5e9a39723e6ddc2f8011246dae4ac9
SHA1

2bb7349474692551b5f42f5a2798931ec4daa967
SHA256

1551d91b20b2b7eb91c91afbff6ed6d1bcf0478b058f97145e54ef714f7d7a7a
SHA512

7edd578fa179280666a894938134033e04c9c174c5e839321222938c5e1f5a2a7fc6354787641fd71c5f451fcbdf381e00f4b04586800253f1f507cb9fb73119
SSDEEP

96:te84MsteCQ16QqlKoXcFDDbizTxK8yNqlCmIVXcc/DVXrK9fMcBwRit/PVspNUAW:te84T2d+jKEiVXcch0HwsPwNFvK4Kl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8a5e9a39723e6ddc2f8011246dae4ac9_JaffaCakes118

Files

8a5e9a39723e6ddc2f8011246dae4ac9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c06d1df3b2df1f3fc999adb2cdd45473

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileTime
WriteFile
CopyFileA
FindNextFileA
FindClose
SetFileAttributesA
GetLastError
CreateDirectoryA
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileA
SetFileTime
GetSystemTime
GetDriveTypeA
FreeLibrary
GetCurrentProcessId
GetProcAddress
LoadLibraryA
GetVersionExA
lstrlenA
GetModuleFileNameA
LocalFree
OpenProcess
GetWindowsDirectoryA
GetDiskFreeSpaceExA
CreateFileA
SetFilePointer
ReadFile
lstrcatA
CloseHandle

user32

DispatchMessageA
TranslateMessage
GetMessageA
CreateWindowExA
RegisterClassA
wsprintfA

advapi32

RegCloseKey
RegOpenKeyA
SetSecurityInfo
SetEntriesInAclA
GetSecurityInfo
RegSetValueExA

msvcrt

strcpy
printf
memset
sprintf
strncpy
strlen
_strlwr
strcat
_stricmp
strstr
_strdup

Sections

.data
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ