Static task
static1
Behavioral task
behavioral1
Sample
c1a241afc44966c840d4f7acc8c52d4d_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
c1a241afc44966c840d4f7acc8c52d4d_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target: c1a241afc44966c840d4f7acc8c52d4d_JaffaCakes118
Size: 24KB
MD5: c1a241afc44966c840d4f7acc8c52d4d
SHA1: 9daba1f1ff53bfbf55e6ab1ce82143ba85bc25a7
SHA256: 3cfdb847b275a3bb4487015d07030c561f9af6411ccd82ff2ea72a02a6317b1a
SHA512: eb126a749dc9987edccd124999fc98f3d573eb49ee17750ab44ec658558c05e23758fadf2d2d5471f228940b0bc9ab6658ae575af39255b1fbcb777bb41143a2
SSDEEP: 192:fqq9z1utyLaNgmoynXjMf80ftAELp6NQCb0RN0JYgAN4NIJgidwnQUjvI:fqq5W6mKRftAGM0sYgG4HidmQ9
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c1a241afc44966c840d4f7acc8c52d4d_JaffaCakes118
Files
c1a241afc44966c840d4f7acc8c52d4d_JaffaCakes118.exe windows:4 windows x86 arch:x86
e70d125407cea1ff9f2cc7b5cb901138
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetSystemDirectoryW
FindClose
FindNextFileW
FindFirstFileW
SizeofResource
FreeResource
GetProcAddress
LoadLibraryW
FindResourceW
GetModuleFileNameW
FreeLibrary
WriteFile
ReadFile
SetFilePointer
eW
CloseHandle
Sleep
CreateFileW
GetModuleHandleW
CreateDirectoryW
GetStartupInfoW
advapi32
RegCloseKey
msvcrt
wcsstr
wcscpy
wcslen
wcsncat
wcscat
wcsncmp
wcsncpy
??2@YAPAXI@Z
_exit
_XcptFilter
exit
_wcmdln
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
??3@YAXPAX@Z
Sections
.data Size: 8KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ