Static task
static1
Behavioral task
behavioral1
Sample
d7492bf3e6d99724130f459ae4d5764b_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
d7492bf3e6d99724130f459ae4d5764b_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
d7492bf3e6d99724130f459ae4d5764b_JaffaCakes118
-
Size
40KB
-
MD5
d7492bf3e6d99724130f459ae4d5764b
-
SHA1
10f86ba91c7e8f28a013ed046d39b257b73b40a3
-
SHA256
0eceec86577caf1d770d7446d7f9092f16de62af1dc1fc60db81fc215f126fea
-
SHA512
d64d290fa6d1c01b7c0dea1ec6a9c8cf10116f2f34f9991ac19e6f807b038c41c63f028ef30cdd9e789bc1d29d812f1c9d951b79382e30fc8ddaedb786d65d76
-
SSDEEP
768:oPTNrWDCQxZF3UsliD+PiVIkE+sgnTrc1hLRh:oPwDrxfPEILs01hLRh
Malware Config
Signatures
-
Unsigned PE 1 IoCs
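Checks for a missing Authenticode signature. The sample is unsigned; on its own this is a weak indicator, since many legitimate binaries are also unsigned, so weigh it together with the behavioral results.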
resource d7492bf3e6d99724130f459ae4d5764b_JaffaCakes118
Files
-
d7492bf3e6d99724130f459ae4d5764b_JaffaCakes118.exe windows:4 windows x86 arch:x86
cd2adebaa94ddc00590f8f0a040fa39e
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
GetModuleHandleA
CreateFileA
ExitProcess
GetModuleFileNameA
GetFileSize
ReadFile
Sleep
CloseHandle
GetStartupInfoA
advapi32
RegQueryValueExA
RegCloseKey
RegOpenKeyA
msvcrt
malloc
strlen
free
strcpy
memset
_except_handler3
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
realloc
Sections
.text Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 878B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 276B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ