dceaa8dc7486ff6ea7d13e5e9e2b59e7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dceaa8dc7486ff6ea7d13e5e9e2b59e7_JaffaCakes118
Size

11KB
MD5

dceaa8dc7486ff6ea7d13e5e9e2b59e7
SHA1

2f2dd0a3bd6ec133c32748f71efa2d422c95d2d0
SHA256

223400aa0fa2a9911611d8d5050d091a194004885b2bec1b953cb15bcd8c6c89
SHA512

fb75c9dc2813e166caa184de735cd595a354c11cf981edfc34ac714887ab6e25bd1fe5306216585293483df0f2a36eeef2edda9df2c5cced0bc7ca7e69a33e7d
SSDEEP

192:38vQK2aRCLtzj4yYEytpKprF7Gs2eAlRC3dXCjKZn0cv:38v8aRCL5j/DynKprF7xOlRC3dXCGZ0s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dceaa8dc7486ff6ea7d13e5e9e2b59e7_JaffaCakes118

Files

dceaa8dc7486ff6ea7d13e5e9e2b59e7_JaffaCakes118
.exe windows:1 windows x86 arch:x86

bee48402bb1c7b578c8c3f863f42edb3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegDeleteValueA
RegFlushKey
RegOpenKeyA
RegSetValueA
RegSetValueExA
RegQueryValueExA

kernel32

lstrcpyA
CreateFileA
GetFileSize
FindNextFileA
lstrcatA
CloseHandle
FindClose
GetLastError
GetWindowsDirectoryA
FindFirstFileA
VirtualAlloc
CompareFileTime
DeleteFileA
ReadFile

wininet

InternetSetOptionW
HttpOpenRequestA
InternetConnectA
InternetCloseHandle
InternetWriteFile
HttpSendRequestExA
InternetOpenA

Sections

.data
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 282B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 836B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE