b0f617310cd81d1175edc446ec0b59a5_JaffaCakes118 | Triage

Sharing

General

Target

b0f617310cd81d1175edc446ec0b59a5_JaffaCakes118
Size

21KB
MD5

b0f617310cd81d1175edc446ec0b59a5
SHA1

94f247413e0be839f487acd9a6a4f332b570dbb1
SHA256

79dea1e3fd2c97d7a9757f678721c586d98404df9b9a1e3f98f399e7bcda4a80
SHA512

9960ce283e9a53afd620c7597db2954d5eb8d4963b611d2480e6a16c8a9e89a7211975e461ae70a6fcb5895ae8e5471ac532b2804649935cbb8b404f23023076
SSDEEP

384:b7vkNzincBcNADupl2+RMNbBwvbSwLkNarRjbA0AjxiugE7+cD:Pk0ADuS/V+Sw4NGbO1Zb+cD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b0f617310cd81d1175edc446ec0b59a5_JaffaCakes118

Files

b0f617310cd81d1175edc446ec0b59a5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7cc6a26c7bbdc572d5b5354387bed144

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyA
GetSystemInfo
VirtualProtect
lstrcatA
GetCurrentDirectoryA
WaitForSingleObject
GetLocaleInfoA
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
ExitProcess
GetProcAddress
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
LoadLibraryA
GetACP
GetOEMCP
GetCPInfo
HeapAlloc
VirtualAlloc
HeapReAlloc
HeapSize
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
VirtualQuery

user32

MessageBoxA

advapi32

RegQueryValueExA
RegOpenKeyExA

shell32

ShellExecuteExA

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE