Static task
static1
Behavioral task
behavioral1
Sample
0a0eb3f90da62957b9f382c3375985b9_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
0a0eb3f90da62957b9f382c3375985b9_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
0a0eb3f90da62957b9f382c3375985b9_JaffaCakes118
Size
17KB
MD5
0a0eb3f90da62957b9f382c3375985b9
SHA1
6c8ef454640b346fdde68490d8792c37ef403b95
SHA256
01a8dbeccb9fa1d2cd899449b4482e449fee534f8a8f43cb4f50a607f82abe66
SHA512
79d43e791e741eb494540f737ff285e929e5eac07e6b77bd5c12524d12d50232ae8a97090cfe4eef922d391eb372db8384af6e55092c210cf4da367fc5ae6868
SSDEEP
384:SNreYi/PdiWMNFGbE9PDuegQ7nJvO4BGm4hEEZBFZU+KgNeHwTk6T:ai/FidnGY9LuegklO4IhFZ5KBHmT
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 0a0eb3f90da62957b9f382c3375985b9_JaffaCakes118
Files
0a0eb3f90da62957b9f382c3375985b9_JaffaCakes118.exe windows:4 windows x86 arch:x86
ad8056f7a75fdb259683183b66f334a8
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ReadFile
GlobalReAlloc
GlobalAlloc
GetFileSize
FindClose
lstrlenA
FindNextFileA
FindFirstFileA
CreateProcessA
DeleteFileA
GetExitCodeProcess
CreateFileA
ExitProcess
GetCommandLineA
GetSystemDirectoryA
GetLocalTime
SetFilePointer
CompareStringA
WideCharToMultiByte
MultiByteToWideChar
GetTickCount
WriteFile
CloseHandle
SetFileTime
Sleep
GlobalFree
HeapFree
VirtualFree
user32
wsprintfA
advapi32
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegEnumKeyExA
urlmon
URLOpenBlockingStreamA
Sections
.text Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE