0073038415a75f79f5f2e9f2d956efa6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0073038415a75f79f5f2e9f2d956efa6_JaffaCakes118
Size

7KB
MD5

0073038415a75f79f5f2e9f2d956efa6
SHA1

1aa831445d24ea8b0f3fc073acc4fa8a33b38a97
SHA256

a068370c6c147a304ce8ce7e5abc56a953325107c8d17ded0749c3d40b28fe10
SHA512

12735842656f15f2ebc56b0a8b75d14cf310afeb827e92ec0eec63848aef19af181883394aa2eb98c62a6a75d9a1ec3d3972b503f3bfb52c79b8cdcc51db0cf2
SSDEEP

96:QqmGLcQyzcDwksgafs+tHuyF0jZu5nQEQ+0W:zmJHowRgr+tOY+ZuZRQ+0W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0073038415a75f79f5f2e9f2d956efa6_JaffaCakes118

Files

0073038415a75f79f5f2e9f2d956efa6_JaffaCakes118
.exe windows:1 windows x86 arch:x86

e236c0a742d410fc208ec0e01b5f2721

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
ExpandEnvironmentStringsA
FreeLibrary
GetCommandLineA
GetExitCodeThread
GetFileAttributesA
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetSystemDefaultLCID
GetSystemDefaultLangID
GetSystemDirectoryA
CloseHandle
GetTempPathA
HeapAlloc
LoadLibraryA
CopyFileA
LocalAlloc
LocalFree
QueryPerformanceCounter
RtlUnwind
RtlZeroMemory
CreateFileA
SetFilePointer
VerLanguageNameA
WaitForSingleObject
WriteFile
CreateProcessA
CreateThread

user32

LoadCursorA
LoadIconA
GetMessageA
TranslateMessage
DispatchMessageA
wsprintfA
RegisterClassA
CreateWindowExA
DefWindowProcA

advapi32

RegFlushKey
RegOpenKeyExA
RegSetValueExA

crtdll

__GetMainArgs
_sleep
exit
raise
signal
strchr

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 444B - Virtual size: 444B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE