a282c4369d16e66603c08bc5de6d3347_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a282c4369d16e66603c08bc5de6d3347_JaffaCakes118
Size

16KB
MD5

a282c4369d16e66603c08bc5de6d3347
SHA1

e2b4c9943dc41202f5af385e6f3e6221768e2f11
SHA256

585ea3e4ea8f2c2fb247e04c280bd3ecb407b5151eb5ad47e878dec98e0c0806
SHA512

6395ba77fc5795e43300179df70240d4133641ab91edec997b8ad41c6fef1d32a9bda616c0fae390b336db4f8a62b05592476dd41dafb19e316118912b3b3bd0
SSDEEP

192:n3GumuP9fiLuIrE1GfyqWLLDA6ELK4kxsdVuv822PKt0tGhwXf9YOx:ZvP9qLuN1GfyfiLK4as6+usG6f9YOx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a282c4369d16e66603c08bc5de6d3347_JaffaCakes118

Files

a282c4369d16e66603c08bc5de6d3347_JaffaCakes118
.exe windows:1 windows x86 arch:x86

aa907397a52b06da7cd4171d7a7861c4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CloseHandle
VirtualAlloc
GetModuleFileNameA
GetLocalTime
VirtualFree
WriteConsoleA
CreateFileA
CreateMutexA
ExitProcess
GetCommandLineA
GetModuleHandleA
WaitForSingleObject
WriteFile
GetVersion
MoveFileExA
ReadFile
Sleep

ole32

CoCreateInstance
CoInitialize

advapi32

RegEnumKeyExA
RegCloseKey
RegSetValueExA
RegQueryValueExA
RegOpenKeyA
RegCreateKeyA

shell32

ShellExecuteA

user32

CharToOemA

oleaut32

VariantClear
SysFreeString

Sections

CODE
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ