bc845cad41af276ab2d41dfa2b97cf7c_JaffaCakes118 | Triage

Sharing

General

Target

bc845cad41af276ab2d41dfa2b97cf7c_JaffaCakes118
Size

3KB
MD5

bc845cad41af276ab2d41dfa2b97cf7c
SHA1

cf78f4710a129f0be910a21387578bb57a169054
SHA256

0bacdf835aa437d37622b9b817fd10a42ece8aea0dfd75184a6f1320290ab6d1
SHA512

d2218a5fbbc02031ad029208dcaeddc3d3592e074fc27998f6b3d4648b1dd8c63e2e8af6c6eab70083c799367f740429aeb57e422cef48955635d092782bab73

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc845cad41af276ab2d41dfa2b97cf7c_JaffaCakes118

Files

bc845cad41af276ab2d41dfa2b97cf7c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e65f3ac425675d008b49131955373d0b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
VirtualFreeEx
LoadLibraryA
Sleep
GetModuleFileNameA
GetTempPathA
GetModuleHandleA
GetProcAddress
WinExec
MoveFileExA
OpenProcess
ExitThread

user32

GetWindowThreadProcessId
FindWindowA

advapi32

RegOpenKeyExA
RegCloseKey
RegSetValueExA
RegQueryValueExA
RegDeleteValueA

msvcrt

exit

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE