07c4899a1c1cadd7dcb9d18d13a7938e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

07c4899a1c1cadd7dcb9d18d13a7938e_JaffaCakes118
Size

815KB
MD5

07c4899a1c1cadd7dcb9d18d13a7938e
SHA1

8b13b0e544c01b5d51f1a206bfb28237fb684724
SHA256

33ef8bea925529d3b1b70a1a029a9dc1b2912398636fc10a4e343c0f95fb025a
SHA512

25ef491e0c5123e5d9006df5480fb18b285cc394e5f93097da2f84ff31a71a13c4b00da3838ab36f8ef0b3df1e1fb4700c71c573b15fe9e42d3a8e9304e3db89
SSDEEP

24576:Wd3EbXzvdgWCdgm7imDeUW1oBZjhhdv0:WdiXsSlBy9hd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07c4899a1c1cadd7dcb9d18d13a7938e_JaffaCakes118

Files

07c4899a1c1cadd7dcb9d18d13a7938e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ca6ab7e22727f4b5c8e1ef5f2b6caf6d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileSize
TlsGetValue
SetThreadPriority
Beep
Beep
lstrcatA
Beep
FormatMessageA
VirtualFree
Beep
GetModuleHandleA
Beep
DeleteFileW
Beep
GetDiskFreeSpaceA
Beep
GetPrivateProfileIntA
OpenMutexA
SetLocaleInfoW
Beep
GetCommandLineA
WriteConsoleW
lstrcmpA
Beep
GetCurrentThreadId
Beep
VirtualProtect
CreateDirectoryA
SetCurrentDirectoryW

catsrvut

RegDBBackup
CGMIsAdministrator
RegDBRestore
StartMTSTOCOM

Sections

.TEXT
Size: 16KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ndata
Size: 1024B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.vdata
Size: 795KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE