c138585323c4dfb73c1cf59ea070d43f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c138585323c4dfb73c1cf59ea070d43f_JaffaCakes118
Size

5KB
MD5

c138585323c4dfb73c1cf59ea070d43f
SHA1

b3e1cd38bc4b8c5d8a76db838b4bf8159c73b2dd
SHA256

eedb5c3daed5be3809eee8adeeb97f06a7c3bac80c23f9608dc716495d543a45
SHA512

5d501c12857e397644604b00acda9bb08db6216331ff54526bd915a9212e7a6a796b225fb420a1feff65f210b687319ba53ead9c0ec8ff56c978c11c486dd6f2
SSDEEP

96:YrDdWGG34o5IUjI7mYQ0Dob49fTg13pl:YsG+TYw4xe3p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c138585323c4dfb73c1cf59ea070d43f_JaffaCakes118

Files

c138585323c4dfb73c1cf59ea070d43f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3dbc30b60d81bc472924815018bcb8f1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileA
SetCurrentDirectoryA
RemoveDirectoryA
ExitProcess
Sleep
DeleteFileA
FindNextFileA
FindClose
lstrcpyA
GetCurrentDirectoryA
lstrlenA

user32

CharUpperA

advapi32

RegEnumKeyExA
RegSetValueExA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA

shell32

SHGetFolderPathA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ