ce5c04778fe912ea22012646250b3904_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ce5c04778fe912ea22012646250b3904_JaffaCakes118
Size

9KB
MD5

ce5c04778fe912ea22012646250b3904
SHA1

e9c71010878e5939124b5ece74b06940e4140a76
SHA256

a08e2fc6f344f87f6c4910899f8bcc2d3340285ee5d0e144cf42a51108ec90e5
SHA512

0e6c5d584d4588e698354507267a312bd8c8adab3d6dc2a475de1c032b3ca55a0cc32b5825a41e502da5ed311508848f48f5d5fba2393eb3bcfb008e6c0732c8
SSDEEP

96:J/WBlhIRlvj5aBF0sVjE31XGv0hxa/9p4h0GmZb67:bj5+F0sVW1Y0hxMIzmZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce5c04778fe912ea22012646250b3904_JaffaCakes118

Files

ce5c04778fe912ea22012646250b3904_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b7fc8b5df249bac380943c0561c9aee6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDoubleClickTime

shell32

ShellExecuteA

shlwapi

StrStrIA

kernel32

CloseHandle
ExitProcess
GetCommandLineA
GetModuleFileNameA
GetModuleHandleA
GetVersion
Sleep
lstrcatA
lstrcpyA
lstrlenA

advapi32

RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegCloseKey

comctl32

GetMUILanguage

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 690B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE