ba7d59b9706b65dd8e6af2b676cb4784_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ba7d59b9706b65dd8e6af2b676cb4784_JaffaCakes118
Size

10KB
MD5

ba7d59b9706b65dd8e6af2b676cb4784
SHA1

32899c0bd7674c66155dbe4264a172b58f51113c
SHA256

55ec7965b1df2dc93ce2454fb42952ca3a1ed7f1c3db6f4a06c228f6bdbbb090
SHA512

dd88a9be26d9efc466d2c6d06e48fb3b6a8cfd7f50ddc79f508e551a86f037a66b2381f8b440ad907d4102812187812c4e1059c650167867ad3aa90a078bcdff
SSDEEP

192:im2ln4xy6D2np45It74UmsjmKoaQQIOoey:V2DKbomxazIDey

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba7d59b9706b65dd8e6af2b676cb4784_JaffaCakes118

Files

ba7d59b9706b65dd8e6af2b676cb4784_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2d4c7611e7b0ba6c1a13f87ac9dd9008

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDoubleClickTime

shell32

ShellExecuteA

shlwapi

StrStrA
StrStrIA

kernel32

lstrlenA
lstrcpyA
CloseHandle
ExitProcess
GetCommandLineA
GetModuleFileNameA
GetModuleHandleA
GetTickCount
lstrcatA

advapi32

RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 626B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE