d4ea70c06fdd56139e5a19f9257dcf54_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d4ea70c06fdd56139e5a19f9257dcf54_JaffaCakes118
Size

101KB
MD5

d4ea70c06fdd56139e5a19f9257dcf54
SHA1

f4a6610240bdd31b996e25e833918a1fb7fcb4e8
SHA256

53dcb21f6457ffc5a891d3fa03ffe21eb61290f34f76448fbbf7876517953a47
SHA512

6c09a583cc531b070a4d70e52dcd87772b3a94a1ea8b238677f3f017e3eb4a99c263f89c0a4a74c082155279d6e6a642ed1b6e8f3121a0af9c805537e4a61bfc
SSDEEP

1536:L3+QutxMk02oShUQhdh7KXLzxL8dbm3CnV0:LuQWxMk0pG37KXLzmgCV0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d4ea70c06fdd56139e5a19f9257dcf54_JaffaCakes118

Files

d4ea70c06fdd56139e5a19f9257dcf54_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6bc461d0fbb97282c97038a28296581b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowThreadProcessId
FindWindowA
wsprintfA

kernel32

GetExitCodeProcess
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetSystemDirectoryA
GetVersionExA
GetWindowsDirectoryA
GlobalAlloc
GlobalFree
GlobalReAlloc
GetCurrentProcessId
MultiByteToWideChar
OpenProcess
Process32First
CreateRemoteThread
SetFileAttributesA
Sleep
TerminateProcess
WinExec
WriteFile
WriteProcessMemory
lstrcmpiA
GetCurrentProcess
FreeLibrary
ExitProcess
DeleteFileA
CreateToolhelp32Snapshot
CreateFileA
CopyFileA
CloseHandle
VirtualAlloc
VirtualFree
SetLastError
LoadLibraryExA
Process32Next
ResumeThread
GetPriorityClass

advapi32

RegCreateKeyA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegDeleteValueA
AdjustTokenPrivileges
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
GetTokenInformation

iphlpapi

GetAdaptersInfo

Sections

Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE