Static task
static1
Behavioral task
behavioral1
Sample
a8c92820ce670eb5e629f5e8dda5f3ba_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
a8c92820ce670eb5e629f5e8dda5f3ba_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
a8c92820ce670eb5e629f5e8dda5f3ba_JaffaCakes118
Size
95KB
MD5
a8c92820ce670eb5e629f5e8dda5f3ba
SHA1
0c15ca1e60f84c6f9b097d5676f581c7c11654bc
SHA256
386fc8064a65e8d4ecf4b8382805fa48388fffbcaa97fe064081cf60c2240ff6
SHA512
21587b468129139190d0319ae26c8d328ebd624b51ae728b8ef343cf3216fd93ed0d0fabc52231f23f67c8080adf0df287f27985e59a4cb5fb3609aa1e98e559
SSDEEP
1536:RVBZVv5xzQraclmt8Un8sB2LHijfnKjO2lNMovb/20qbl7g8Sff49KwWuBDjoXrR:lrv7zQrDI8iJ2LefnIOo7j/Fg7IfRdu2
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a8c92820ce670eb5e629f5e8dda5f3ba_JaffaCakes118
Files
a8c92820ce670eb5e629f5e8dda5f3ba_JaffaCakes118.exe windows:4 windows x86 arch:x86
c63087260c0707eec701b5cc8bb22e13
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
DeleteFileA
GetWindowsDirectoryA
IsBadReadPtr
MultiByteToWideChar
GetModuleFileNameA
GetCurrentProcess
GetTickCount
ole32
CoInitialize
CoUninitialize
OleCreate
OleSetContainedObject
user32
LoadIconA
DestroyWindow
ShowWindow
MessageBoxA
CreateWindowExA
UpdateWindow
PostQuitMessage
advapi32
RegDeleteKeyA
RegOpenKeyExA
RegCloseKey
RegSetValueExA
RegCreateKeyExA
shell32
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetMalloc
Sections
.text Size: 60KB - Virtual size: 57KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 892B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ