b089d6ec106fc177d987854aaa7dc3d0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b089d6ec106fc177d987854aaa7dc3d0_JaffaCakes118
Size

6KB
MD5

b089d6ec106fc177d987854aaa7dc3d0
SHA1

5bc1d822f8ade891ef941f160de3a637fd3d0dd9
SHA256

d22c686d5dc2b11eea3585ca12c8ab693eba39432c35163a29a75cfca7ad9277
SHA512

7bbb5b7452fe7be953dac0440aad3513a03857b9f4cd3a2b471eb5f960924f18d5e4f3e43e3e921923be258627271e7c1b3bec0a9d504f5eb94f1b2e48d73ddd
SSDEEP

192:Sey3f4olDvTnLWl1EoDfKuQGzi0gv8zuCzBa:S1Q+7m1EoW5V+l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b089d6ec106fc177d987854aaa7dc3d0_JaffaCakes118

Files

b089d6ec106fc177d987854aaa7dc3d0_JaffaCakes118
.exe windows:1 windows x86 arch:x86

a5ebfc1c2b0ca9e0e15abad948aa246b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CopyFileA
CreateFileA
CreateMutexA
DeleteFileA
ExitProcess
ExpandEnvironmentStringsA
GetFileSize
GetFileTime
GetFullPathNameA
GetLastError
GetModuleFileNameA
GlobalAlloc
GlobalFree
MoveFileExA
MultiByteToWideChar
ReadFile
SetCurrentDirectoryA
SetFilePointer
SetFileTime
VirtualAlloc
WinExec
WriteFile

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyA
RegQueryValueExA
RegSetValueExA

sfc

ord5

Sections

.flat
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE