b2c7acbf8f79e9c2fa37aca240a321c8_JaffaCakes118 | Triage

Sharing

General

Target

b2c7acbf8f79e9c2fa37aca240a321c8_JaffaCakes118
Size

31KB
MD5

b2c7acbf8f79e9c2fa37aca240a321c8
SHA1

9e3f6167297415d31cb910957b3d2ff2105697bf
SHA256

5f6737792a2c3a3d7093e0521741d3f8db33b0ba4d0419532cc038a8d2246a08
SHA512

cdb124cbc2e1d64e42e24148bade0af11ec6431fe03aaca6fd0173fc984218f8358064e44fc148ad8ae2e1b993ed9960c959b0afab24e8d2ca09b7de2363db6b
SSDEEP

384:8WIUgSl07YkgSglT61O7weLwZptPp5jm0cb8+:v0MkWT6RectvbcY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b2c7acbf8f79e9c2fa37aca240a321c8_JaffaCakes118

Files

b2c7acbf8f79e9c2fa37aca240a321c8_JaffaCakes118
.exe windows:1 windows x86 arch:x86

6046fdc6bec5950b7d0b19f92828b44b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

Sleep
GetExitCodeProcess
CreateProcessA
ExitProcess

user32

MessageBoxA

advapi32

RegQueryValueExA
RegCreateKeyExA

Sections

data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

code
Size: 1024B - Virtual size: 519B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 308B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ