12954f97e5db1cc86ecfe12be2ec7323_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

12954f97e5db1cc86ecfe12be2ec7323_JaffaCakes118
Size

39KB
MD5

12954f97e5db1cc86ecfe12be2ec7323
SHA1

373f9797ed9aefed0c53c69035bc9369c046d40d
SHA256

9f6f95fc890b73d0deb670be7eba0528289c99a048afb5a4852a825a7545c89f
SHA512

01f4bab7272d6421da3a1299c227f6cc895ca444be72d32e0040f477aac539ea3c730667f3e003efe01d9b1fbf6d9c95a6959da6c76e8a1ff0bf6eacd61f97fd
SSDEEP

768:RZh2PekI+FrQBjYTSembwOJfAGWOD9ODvXzVqX8jWlK:7hUI3+mbwwOO9WzVqGWY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12954f97e5db1cc86ecfe12be2ec7323_JaffaCakes118

Files

12954f97e5db1cc86ecfe12be2ec7323_JaffaCakes118
.exe .js windows:4 windows x86 arch:x86 polyglot

fa5ecdfb87a18ce46473887895601655

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathA
GetCurrentProcess
Sleep
DeleteFileA
GetModuleFileNameA
GetEnvironmentVariableA
GetModuleHandleA
CreateProcessA
ExitProcess
lstrlenA
FindResourceA
LoadResource
LockResource
FreeResource
SizeofResource
CreateFileA
WriteFile
CloseHandle
WaitForSingleObject
GetStartupInfoA

shell32

SHCreateDirectoryExA

advapi32

LookupPrivilegeValueA
RegRestoreKeyA
RegOpenKeyExA
RegSaveKeyA
OpenProcessToken
AdjustTokenPrivileges
RegOpenKeyA
RegCreateKeyA
RegSetValueExA
RegCloseKey
RegDeleteKeyA

msvcrt

sprintf
_access
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 748B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ