af1e77855ca15f0610774bc3ff2f466f_JaffaCakes118 | Triage

Sharing

General

Target

af1e77855ca15f0610774bc3ff2f466f_JaffaCakes118
Size

24KB
MD5

af1e77855ca15f0610774bc3ff2f466f
SHA1

9e59616e0b11d8d8f4e72f40652cb46f3f4f4ea5
SHA256

4b1d8bf894688825a5ccc085ee96df2a70327f102009066b0ce2939aa38a5fb9
SHA512

4cc6a5562690c32abd4aaebc9bbb16d3e1578e4425b7e4c4547b22f0386a30fa557d4fee2893f636eabe2c43c3e331126c0d1ca453120b23c8b715d92eb05289
SSDEEP

192:WW1rPAc3M82Wu9FpNjkGBL2Kl5QP1x07PVY68IDX0Yt5F1ge5dsAxcMpy6/v:WUr+hTFptkKCK22bBcMpySv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
af1e77855ca15f0610774bc3ff2f466f_JaffaCakes118

Files

af1e77855ca15f0610774bc3ff2f466f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0ba8cc95cdb932d2b82f023440436ea9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyA
DeleteFileA
CloseHandle
GetModuleFileNameA
OpenEventA
GetLocalTime
GetProcAddress
lstrcatA
FileTimeToSystemTime
Sleep
GetTickCount
GetModuleHandleW
SetEvent
GetCurrentProcess
FreeLibrary
PulseEvent
ExitProcess
ReadFile
GetModuleHandleA
HeapFree
WriteFile
HeapAlloc
GetProcessHeap
CreateFileA
GetFileAttributesA
GetTempPathA
CompareStringA
Process32First
CreateToolhelp32Snapshot
TerminateProcess
OpenProcess
lstrlenA
lstrcmpA
RtlUnwind
InterlockedExchange
VirtualQuery
VirtualAlloc
HeapReAlloc

user32

CharToOemA
wsprintfA
ExitWindowsEx
GetForegroundWindow
MessageBoxA
ShowWindow

advapi32

RegCreateKeyExA
RegCloseKey
RegEnumKeyA
RegOpenKeyA
RegDeleteValueA
RegOpenKeyExA
LookupPrivilegeValueA
RegDeleteKeyA
RegQueryValueExA
RegSetValueExA
OpenProcessToken

shell32

ShellExecuteA

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE