c817760e3257066aa30e183d1a6b200d_JaffaCakes118 | Triage

Sharing

General

Target

c817760e3257066aa30e183d1a6b200d_JaffaCakes118
Size

626KB
MD5

c817760e3257066aa30e183d1a6b200d
SHA1

e07a5948a7c521454576b42e4e0978dc46488d85
SHA256

781febe1d5114fd88890026c420eae54f49e5955a33a804170474a3c604e7a2c
SHA512

0f2cdfe4d73e633655a2c9615a47f5a602423e23ea1df213d10a4931b39cc7513455074d9c9aa34a2667ee8b6e1de66b6b8da1bc673635c54195676d9840a99c
SSDEEP

12288:lpDULqzAIRYm/8JiWySNom0YtkuaKTeyecdwx4Ex5VoV4jZmOH2nmY10FGYR:jULqzJXUU9m9miekdwN5e4mA2nmYVYR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c817760e3257066aa30e183d1a6b200d_JaffaCakes118

Files

c817760e3257066aa30e183d1a6b200d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2852f41a13a7d9aa330cf6e7f28b9cab

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHSetValueA

shell32

SHGetSpecialFolderPathA
ShellExecuteA
SHCreateDirectoryExA

msvcrt

free
malloc
fclose
fopen
_c_exit
_exit
_XcptFilter
_cexit
fwrite
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
srand
rand
sprintf
isdigit
isgraph
islower
isprint
ispunct
isspace
isupper
isxdigit
atoi
div
isalnum
isalpha
ceil
exit

kernel32

lstrcatA
SleepEx
WritePrivateProfileStringA
OutputDebugStringA
CloseHandle
GetStartupInfoA
WinExec
GetTickCount
GetSystemDirectoryA
GetFileAttributesExA
CreateFileA
SetFileTime
DeleteFileA

Sections

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 600KB - Virtual size: 600KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ