Static task
static1
Behavioral task
behavioral1
Sample
bb17cc425a376ac443c050cd26e6af8e_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
bb17cc425a376ac443c050cd26e6af8e_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target: bb17cc425a376ac443c050cd26e6af8e_JaffaCakes118
Size: 23KB
MD5: bb17cc425a376ac443c050cd26e6af8e
SHA1: d3be3f6248756745408e6b4387200a7dd717364d
SHA256: 686a15ea65c181ca5f914eb1edb8204e8af649ab0597c03459d3a6d40b792c51
SHA512: 04ab20f91c4115bfa12cacd4828584f00ee6c5b115eb92ff61a21cce3dead53a96c4f7bebdba986e173475b488ff4d37a437a08890cc687acf0082ab65bcf794
SSDEEP: 384:utVz7ppCyXeSvyhwt5iW/8AoWw1v1hkNLdbaLa4CwUJuUCSFCJWe8EDEWW:WpCSlOwt5IAu1v7wbaLa4PU48IM
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource bb17cc425a376ac443c050cd26e6af8e_JaffaCakes118
Files
bb17cc425a376ac443c050cd26e6af8e_JaffaCakes118.exe windows:4 windows x86 arch:x86
f6efd8020654e3bf28b6c173ddfb3b4c
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
OpenProcess
MapViewOfFile
CreateFileMappingA
GetFileSize
UnmapViewOfFile
WinExec
GetTempFileNameA
GetTempPathA
Sleep
GetSystemDirectoryA
CreateFileA
LoadLibraryA
GetPrivateProfileStringA
ExitProcess
WritePrivateProfileStringA
GetModuleFileNameA
GetWindowsDirectoryA
FreeLibrary
GetLastError
CopyFileA
DuplicateHandle
GetCurrentProcess
GetProcAddress
CloseHandle
LCMapStringA
WideCharToMultiByte
RtlUnwind
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringW
advapi32
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken
shlwapi
PathAppendA
Sections
.rdata Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 920B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ