d204d9378d531bfdf8ef334b709d2cd8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d204d9378d531bfdf8ef334b709d2cd8_JaffaCakes118
Size

12KB
MD5

d204d9378d531bfdf8ef334b709d2cd8
SHA1

7e5aa73499210fd982862d1aac338558b7c94c13
SHA256

0a8634cd4f92eecf77d2a0d96115ca73f845ab70ad28a26045670d73f137c005
SHA512

86aa467e2e1494a9d92f9b83434b3dff5b8e7c214418546f939057c05b71e379219ec8589c28bc82f6dc76eff6636491aad67b6b65431c402decf778140d60c1
SSDEEP

96:YQnaldn/Jy+80UnI68rePhfeM0dpLwRAYtFhwNJV6T+bzi27:ClHy+80UnITWhfeB3LwRtYJV6S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d204d9378d531bfdf8ef334b709d2cd8_JaffaCakes118

Files

d204d9378d531bfdf8ef334b709d2cd8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2f0fa1d71c4bb5a4ce819e755a967d17

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDoubleClickTime

shell32

ShellExecuteA

shlwapi

StrStrIA

kernel32

CloseHandle
ExitProcess
GetCommandLineA
GetModuleHandleA
GetProcAddress
LoadLibraryA
lstrcatA
lstrcpyA

advapi32

RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegCloseKey

urlmon

IsValidURL

comctl32

GetMUILanguage

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 714B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE