a4c1da0d85b89a7b52f4df49903b6e77_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a4c1da0d85b89a7b52f4df49903b6e77_JaffaCakes118
Size

4KB
MD5

a4c1da0d85b89a7b52f4df49903b6e77
SHA1

7a79de2967208e9556db16a092674cf7dc990f31
SHA256

d8f7dd9004b5a0b5aeee03ef2e6e4acbe6ec0b8eacd254c98370951a3fe9570c
SHA512

71d140d2c56132e1b1c8d865b70507cf90f3eb5b1f9d86b4b94f2874f2c04843cf85c0321d16246e7f5637c76830904532d2c76586a6fbb7eb7f4a8602f0c634
SSDEEP

48:Zvt7JLvfXo7fHqK7oY/gjxltbgAsnRJF2dhNAMoBAAP:Z1dcTH37oWQftbgAsRD2hcKA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a4c1da0d85b89a7b52f4df49903b6e77_JaffaCakes118

Files

a4c1da0d85b89a7b52f4df49903b6e77_JaffaCakes118
.exe windows:1 windows x86 arch:x86

aa57ab958c5dfd47adbac79d9c490f1f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ExitWindowsEx

kernel32

CloseHandle
CreateFileA
DeleteFileA
ExitProcess
GetModuleFileNameA
GetModuleHandleA
GetTempPathA
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
ReadFile
Sleep
WriteFile
lstrcatA
lstrlenA

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegOpenKeyExA
RegSetValueExA

Sections

.data
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE