d013b9fbae69cb3ffe68f0ca27d42ff1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d013b9fbae69cb3ffe68f0ca27d42ff1_JaffaCakes118
Size

47KB
MD5

d013b9fbae69cb3ffe68f0ca27d42ff1
SHA1

2ac478d6049bdc0c2652f25613485b6571806260
SHA256

a278cb0ef52531a174f605ab4456ed9f630c9b37b9429b725c6e03cdc16c582f
SHA512

0be12a845013a11cfe8a246dd6babedf2d93a9fc8b782022b1aba9e4638be7bd0335fff34a30f58450e88a70fd027bf7ca7fb267771ddfe356b7b38b1592d24c
SSDEEP

768:PrkvX4Hreu02K8tx3buQh6pN9eYTm7ujN0+tCu9ipZmte:PyL2VtpBh+3Th0+zijmte

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d013b9fbae69cb3ffe68f0ca27d42ff1_JaffaCakes118

Files

d013b9fbae69cb3ffe68f0ca27d42ff1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5dddcee040b8406dbd9b662f2ab77e8e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
Process32Next
Process32First
CreateToolhelp32Snapshot
OpenProcess
DuplicateHandle
HeapFree
GetProcessHeap
HeapAlloc
TerminateThread
WriteFile
GetProcAddress
GetFileSize
CreateFileA
GetModuleFileNameA
Sleep
SetFileTime
GetFileTime
GetSystemDirectoryA
GetCurrentProcess
CloseHandle
GetVersionExA
MoveFileA
GetTempPathA
GetTempFileNameA
GetStartupInfoA
GetModuleHandleA
DeleteFileA
ReadFile

advapi32

RegQueryValueExA
OpenProcessToken
AdjustTokenPrivileges
RegOpenKeyExA
LookupPrivilegeValueA

psapi

GetModuleInformation

imagehlp

ImageNtHeader

msvcrt

_wcsicmp
??3@YAXPAX@Z
??2@YAPAXI@Z
sprintf
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_strcmpi
_stricmp

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE