11609462e5ee9404f54f1225838af69e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

11609462e5ee9404f54f1225838af69e_JaffaCakes118
Size

204KB
MD5

11609462e5ee9404f54f1225838af69e
SHA1

95a95ec9c14f7b89672c29372e621c0ea31c5fcf
SHA256

6cd1c35c37b605317b8b3b101dec6f50fe706a16653f649e804fc136bdd93128
SHA512

d63844975890624e30944fbc8a9dc0a35d58006dd9871fa4b603d5a9d0f73730799287a23e8cfd1251829ffe36df9496feede5981df00dec292b95fc0b41883f
SSDEEP

6144:Jf41lbM1r6h/wlxvGHrgDwkCqHngxLQMRW9V:D6hwOHrgcc8m9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11609462e5ee9404f54f1225838af69e_JaffaCakes118

Files

11609462e5ee9404f54f1225838af69e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a88323245141cb38f14ae5f0401c20c5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetVersionExA
GetLocalTime
FindClose
FindNextFileA
GetModuleHandleW
FindFirstFileA
EnumResourceLanguagesA
GlobalAlloc
WaitForSingleObject
HeapFree
HeapReAlloc
HeapAlloc
CreateSemaphoreW
ReleaseSemaphore
WritePrivateProfileStringW
GetPrivateProfileStringW
WideCharToMultiByte
MulDiv
GetTickCount
GetTempPathA
ResetEvent
WaitForSingleObject

shell32

ord201
ShellExecuteW

advapi32

RegQueryValueExA
RegSetValueExA
ElfBackupEventLogFileW
RegSetValueExW
RegCreateKeyExA
RegOpenKeyExW

Sections

.text
Size: 149KB - Virtual size: 149KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 908B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ