c05ea1e5b7ad84f510f2d76cb2054e75_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c05ea1e5b7ad84f510f2d76cb2054e75_JaffaCakes118
Size

9KB
MD5

c05ea1e5b7ad84f510f2d76cb2054e75
SHA1

450eb3d2b183887f21b13a9059ffd223d78cc9cc
SHA256

8bae5fe04c9ddfad25dac3afba95af86339c94bc27b1bdb2b63d89efa7a8691c
SHA512

ecf537a0fe9d2d0a172a7db211c1cf277f8d3d242cefd195d692a1bff15ab4fc650d3afed26c0206db09056aeb3fc6cbf4774261d2d7ad5962c359069ab93579
SSDEEP

192:wQf4oRDvTnLSwhwEoUo2NVfzqCSq0EkUGkpJa8UDwEV8q+LDwGyQLGZquP:wQQe7uwhwEoz2bCEkUGkpJanDnV8F4V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c05ea1e5b7ad84f510f2d76cb2054e75_JaffaCakes118

Files

c05ea1e5b7ad84f510f2d76cb2054e75_JaffaCakes118
.exe windows:1 windows x86 arch:x86

2f455eed577030d14dfd5287f58323a8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CopyFileA
CreateFileA
CreateMutexA
DeleteFileA
ExitProcess
ExpandEnvironmentStringsA
GetFileSize
GetFileTime
GetFullPathNameA
GetLastError
GetModuleFileNameA
GetSystemDirectoryA
GlobalAlloc
GlobalFree
MoveFileExA
MultiByteToWideChar
ReadFile
SetCurrentDirectoryA
SetFilePointer
SetFileTime
Sleep
VirtualAlloc
WinExec
WriteFile
lstrcpyA

user32

PeekMessageA
wsprintfA

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyA
RegQueryValueExA
RegSetValueExA

shell32

StrStrIA

iphlpapi

GetAdaptersInfo

sfc

ord5

Sections

.flat
Size: 7KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ