b534ccf1adf32ce0f91dbd802351df69_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b534ccf1adf32ce0f91dbd802351df69_JaffaCakes118
Size

24KB
MD5

b534ccf1adf32ce0f91dbd802351df69
SHA1

9b27ce5ddf4ca98c0cdb1c0c8a70019e867cc169
SHA256

bbec2aeaf17e51025251a9054cd68ed88ca248fc561bc3707dc6d3752f9655fa
SHA512

8a1bc686cc8c4976965bd1eb8cd0ba462719df0030ba6e3ef76e9b22dd16321bd56302e18734ea06896d17ba86640d0197444a2d60870375829374848e2530a3
SSDEEP

768:G8ixqEXJgsd7DTra621Ec2eAyv8scpIXlxkRo9:G8iUEZ3D62ctDvoSXlaRo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b534ccf1adf32ce0f91dbd802351df69_JaffaCakes118

Files

b534ccf1adf32ce0f91dbd802351df69_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c9e5aad1fd6345dc1f432d38a89ef5f6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
GetTickCount
CreateProcessA
lstrcatA
lstrcmpA
CopyFileA
SetFileAttributesA
GetWindowsDirectoryA
GetSystemDirectoryA
CloseHandle
GetFileSize
ReadFile
SetFilePointer
CreateFileA
GetModuleFileNameA
GetComputerNameA
GetProcAddress
GetModuleHandleA
lstrcpyA
ExitProcess
GetStartupInfoA
GetCommandLineA
HeapAlloc
GetProcessHeap
RtlUnwind
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
CreateRemoteThread
GetVersionExA
OpenProcess
ReadProcessMemory
VirtualProtectEx
WriteProcessMemory
LoadLibraryA
Sleep
SetLastError
GetCurrentProcessId
ResumeThread
GetPriorityClass
VirtualAlloc
VirtualFree
lstrcmpiA

user32

wsprintfA
FindWindowA
GetWindowThreadProcessId
wvsprintfA

advapi32

RegOpenKeyExA
RegCloseKey
RegCreateKeyExA
RegQueryValueExA
GetUserNameA
RegSetValueExA

shlwapi

SHDeleteKeyA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Data
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE