d29ece099afa1276cf74fdcc404df7df_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d29ece099afa1276cf74fdcc404df7df_JaffaCakes118
Size

6KB
MD5

d29ece099afa1276cf74fdcc404df7df
SHA1

0e6c9491e5ad06d02a7bb46cb50c263a15d77c64
SHA256

407d55f6214a8fb3dbcde5abf66f4c76a6de8894b0804984aac91936b64b1332
SHA512

915c934ac092feb3ff1b1e7b8ad7bc725374fe1ab479e709809a4824606043002f3afedd9c036130959ee456c16466cc0aff2f602e281584e80abdeeff58366f
SSDEEP

48:yJIVfZEqtFUyv6h+Qw7CD8QTFB7L1gZtHtxNFmNKlJOP6VeKfDf/GFuSyNm:5BExLwUBLmZtHtYYpVLLHGO0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d29ece099afa1276cf74fdcc404df7df_JaffaCakes118

Files

d29ece099afa1276cf74fdcc404df7df_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4a50a724507f2f6fd838e9e3f31b8c41

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
CopyFileA
ExitProcess
Sleep

advapi32

RegCreateKeyExA
RegSetValueExA
RegCloseKey

shell32

ShellExecuteA
SHGetSpecialFolderPathA

Sections

.text
Size: 1024B - Virtual size: 756B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 364B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE