0336893a170b9d885c93d8660fd081b4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0336893a170b9d885c93d8660fd081b4_JaffaCakes118
Size

41KB
MD5

0336893a170b9d885c93d8660fd081b4
SHA1

532996d227d77004934fe55dfd46968d3857641d
SHA256

c5a96e0ea7cc694d4d31580047c38127d43dc1d00b4d2064500ecca7cf5f675c
SHA512

00c35eef9aedee53dbb6b3337f33e3bb259e9947937895e225afd0716886247bb0cad22712326a1136f112169a9277ae53902a0546f350f7977f4158cd3167d7
SSDEEP

768:Q+u/HFRb3Qkm6RgoGOUdFy5+XyZU+uaeO4vCTSChrJl1tgLooq:BWXLufO4vLChLfgLe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0336893a170b9d885c93d8660fd081b4_JaffaCakes118

Files

0336893a170b9d885c93d8660fd081b4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dcadf982d9ee178b653674116ee35d14

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDefaultLCID
GetVersion
LoadLibraryA
SetFileTime
GetProcAddress
VirtualFree
WriteFile
lstrcatA
GetModuleHandleA
GetModuleFileNameA
ExitProcess
CreateFileA
VirtualAlloc
CloseHandle

user32

EndDialog
CreateDialogIndirectParamA
PostQuitMessage

advapi32

RegCreateKeyExA
RegDeleteValueA
RegQueryValueExA
RegSetValueExA
RegCloseKey

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 692B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE