Static task
static1
Behavioral task
behavioral1
Sample
f69b7ed0730f832fe3e3117eb5748f36_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
f69b7ed0730f832fe3e3117eb5748f36_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target: f69b7ed0730f832fe3e3117eb5748f36_JaffaCakes118
Size: 8KB
MD5: f69b7ed0730f832fe3e3117eb5748f36
SHA1: 04c75dd56af032569655c2afb05377005a7ddbd0
SHA256: 213bcc8329ba0ca360a9645c21dd075ede1b4cddc9067c60edde52148fa13e2a
SHA512: 529a74e2f8fe46d50f69de18256769bd97f653a280204a2a618694813854273087e3fa38f1fa9043423e82e43bbf44abcda1ca61d4c5aa1982c2bd9a0b6f124f
SSDEEP: 96:fr6ONm16n9I06oj6WGqg8Du999ncr3BHr6ONm16n9I06oj6WGqg8Du999ncr3Bv:Fmxoj6WEPcr3Btmxoj6WEPcr3Bv
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f69b7ed0730f832fe3e3117eb5748f36_JaffaCakes118
Files
f69b7ed0730f832fe3e3117eb5748f36_JaffaCakes118.exe windows:1 windows x86 arch:x86
3ffc28bf37d7eec2bc6c83618fd066e0
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
shell32
ShellExecuteA
kernel32
DeleteFileA
GetCommandLineA
GetModuleFileNameA
GetModuleHandleA
GetSystemDirectoryA
CopyFileA
RtlUnwind
user32
GetMessageA
TranslateMessage
DispatchMessageA
wsprintfA
DefWindowProcA
advapi32
RegFlushKey
RegOpenKeyExA
RegSetValueExA
crtdll
__GetMainArgs
_sleep
exit
raise
signal
strchr
Sections
.text Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 4B
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 312B - Virtual size: 312B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 964B - Virtual size: 964B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE