Static task
static1
Behavioral task
behavioral1
Sample
93ad16a350a67d6ce7a7381075eba0c6_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
93ad16a350a67d6ce7a7381075eba0c6_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
93ad16a350a67d6ce7a7381075eba0c6_JaffaCakes118
Size
25KB
MD5
93ad16a350a67d6ce7a7381075eba0c6
SHA1
bfc5a6b4e3bd59f8c256d9766fd90ed2ff40d757
SHA256
37c97571341a656ea8367adec572b6dbc33b63eb27fe7c3639eb56b05ac8f8ed
SHA512
bb438c2837d3e6d4224e7d196d623d8565da7b331b086b5ce19df4636540214777b90a46f7e243d6b6cadfbf70e10eff0a7c8c1a5fd4e560ecc7eedfacf2a5d7
SSDEEP
384:sUTPPc+hh/5ar7V9n8TOqUz6sLIoKkGw:sUTPPcQaPfn2bUz6d9J
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 93ad16a350a67d6ce7a7381075eba0c6_JaffaCakes118
Files
93ad16a350a67d6ce7a7381075eba0c6_JaffaCakes118.exe windows:4 windows x86 arch:x86
5ede0d96a67e2e425bf048e9cece10d3
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FreeLibrary
GetModuleHandleA
GetCurrentProcess
VirtualProtect
GetModuleFileNameW
DeleteCriticalSection
CreateFileW
GetCurrentThreadId
CloseHandle
GetModuleFileNameA
GetCurrentProcessId
CreateThread
GetLastError
GetProcAddress
GetModuleHandleW
EnterCriticalSection
DisableThreadLibraryCalls
LoadLibraryA
ExitProcess
CreateEventW
advapi32
AreAllAccessesGranted
shlwapi
StrChrA
Sections
.text Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 766B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 35B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ