1517552e1b7ea534f23a96be047f77eb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1517552e1b7ea534f23a96be047f77eb_JaffaCakes118
Size

248KB
MD5

1517552e1b7ea534f23a96be047f77eb
SHA1

2e12144af1e8e1fd96088311de45642ae41678f3
SHA256

e52219c48404cd96f879275dc8845699f9d139ed3edb1fc815f5624e80ea4398
SHA512

63893550e0268bf7abd2b15cc2ec064e25d9ca1207991d3ddf67889d70f633e9d2ace1f035a4eb42e4d6585a713817164651ba7e2c0ee42540f5bb9a02c8241a
SSDEEP

3072:vThy2BhfrLYjDAZhk2P/Ht80V6AEZK60NjlBFdGN0aVbMcEWJSqzwL5/66Cx:3BhzLxSom0/360HFxaV4cfJSqzwd6xx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1517552e1b7ea534f23a96be047f77eb_JaffaCakes118

Files

1517552e1b7ea534f23a96be047f77eb_JaffaCakes118
.exe windows:5 windows x86 arch:x86

85290878a1e4b4de072bac0fedf90752

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetCursor
GetScrollInfo
AlignRects

advapi32

RegOpenKeyA
RegDeleteKeyA
RegDeleteValueW
RegOpenKeyW
RegCreateKeyA
RegQueryValueW
RegQueryValueExW
RegOpenKeyExW

kernel32

ExitProcess
HeapFree
CopyFileA
FreeResource
CopyFileExA
FormatMessageA
CompareStringA
FindClose
WriteFile
GetLocalTime
lstrlenA
HeapAlloc
GetLastError
DeleteFileA
lstrcmpA
GetPriorityClass
ExitThread
GetFileTime
OpenFileMappingA
GetCPInfo
FlushFileBuffers
GetCommandLineA
GetFileType

Sections

.c7gd0
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.g4cd
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.c52b6
Size: 207KB - Virtual size: 475KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.9be2f
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.01276
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE