054206f93e3154de9216cb7536147a6d_JaffaCakes118 | Triage

Sharing

General

Target

054206f93e3154de9216cb7536147a6d_JaffaCakes118
Size

39KB
MD5

054206f93e3154de9216cb7536147a6d
SHA1

0d7a611e947d7b5e57edffb9193af0df3522df0e
SHA256

75abb03113dcc700fd63ea7af5a54fb6a0622e0874cfc48a3cc447d27f01393b
SHA512

21cb54e4c2ba812223d6f8c469e5f99475b033b5ef73d2bf403363dcb44da5b426b8c96a49f4d593ac5f2a6d2ddb9f30dc06acd3f89f4365001dc5a3ee3ec38f
SSDEEP

768:3EbmI5T5XhKGIx/S2Yvptqd6dYaxUI0EgvTpBNyGp/Kd/BSLinRT1vgiKEM:imWT5XTDaACiRBKEM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
054206f93e3154de9216cb7536147a6d_JaffaCakes118

Files

054206f93e3154de9216cb7536147a6d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6c73e3776abfb84c8d551e5b6812cd6e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
GetSystemDirectoryA
DeleteFileA
ExitProcess
GetModuleHandleA
lstrcatA
SystemTimeToFileTime
LocalFileTimeToFileTime
FreeLibrary
SetFileTime

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

ShellExecuteA

msvcrt

??2@YAPAXI@Z

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ