ba8eef64113e1bdff97319b6d5692498_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ba8eef64113e1bdff97319b6d5692498_JaffaCakes118
Size

10KB
MD5

ba8eef64113e1bdff97319b6d5692498
SHA1

c4e9e93b84b078bad4c93cef58aa5aa7d1f4ca52
SHA256

c05750714ad64ef942819e638542d7833d8f826dab135cea45a7dbc63bce33f8
SHA512

69689158f8dc39c8ac4ef661626d880433381891e4c6c589db550d7b500f1cbd2fd4f86b29bbf5626f830c6c4976e4c6dffd3ebbf05d4223c4ac73f2afcf5663
SSDEEP

192:H+AnCFMmeX1hI9xZCtNE3YmZhyh42gpBw+rHZ9oPsbHfyJ:eACqmlncYoOyOgQHvI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba8eef64113e1bdff97319b6d5692498_JaffaCakes118

Files

ba8eef64113e1bdff97319b6d5692498_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0f196bcea26bb99f2d662f996940aa7f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenProcess
lstrcatA
CreateDirectoryA
lstrcmpiA
GetProcAddress
CopyFileA
SetFileAttributesA
VirtualAllocEx
LoadLibraryA
WriteFile
LocalAlloc
GetModuleFileNameA
GetModuleHandleA
CreateToolhelp32Snapshot
CloseHandle
LocalFree
WriteProcessMemory
DeleteFileA
CreateRemoteThread
Process32First
lstrlenA
Process32Next
CreateFileA

advapi32

RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 774B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 885B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE