8ba9d5a3628a64034dc4e3d2ef06c428_JaffaCakes118 | Triage

Sharing

General

Target

8ba9d5a3628a64034dc4e3d2ef06c428_JaffaCakes118
Size

572KB
MD5

8ba9d5a3628a64034dc4e3d2ef06c428
SHA1

e4985b0e346fa11d11e9a520a300f890fbed81a6
SHA256

ca011c7f7084d951d24e2d8f21a4688425429695f339c01b6f0431027cd01a1b
SHA512

b7de8ebf23848e3cb94f51e3d7f4984c54efd5a93092f870efd070f4021bd09563518103b8b7664fbc07909de646028b72a9fa2f756052749164efb50535573f
SSDEEP

12288:Bc1WrtOLqz3/pWOxT7D0FftJ4DzcB3NCFNch+gF++P4PnQjA/Fp9WM:2grtea/pZNDyt+DCNCLM+wUQu9r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ba9d5a3628a64034dc4e3d2ef06c428_JaffaCakes118

Files

8ba9d5a3628a64034dc4e3d2ef06c428_JaffaCakes118
.exe windows:4 windows x86 arch:x86

aef775a4a606ea92b7f6f2c2e33ca283

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_XcptFilter
_cexit
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
fwrite
_exit
__p__fmode
__set_app_type
_except_handler3
_controlfp
free
_c_exit
fopen
fclose
malloc
__p__commode
srand
rand
sprintf
atoi
div
isalnum
isalpha
isdigit
isgraph
islower
isprint
ispunct
isspace
isupper
isxdigit
_adjust_fdiv
ceil

shlwapi

SHSetValueA

shell32

SHCreateDirectoryExA
SHGetSpecialFolderPathA
ShellExecuteA

kernel32

WinExec
OutputDebugStringA
GetTickCount
GetSystemDirectoryA
GetFileAttributesExA
CreateFileA
SetFileTime
CloseHandle
WritePrivateProfileStringA
SleepEx
lstrcatA
DeleteFileA
GetStartupInfoA

Sections

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 540KB - Virtual size: 537KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ