13c8788618a87dc2ceca78601765c241_JaffaCakes118 | Triage

Sharing

General

Target

13c8788618a87dc2ceca78601765c241_JaffaCakes118
Size

7KB
MD5

13c8788618a87dc2ceca78601765c241
SHA1

ce75dcc4c1fd7d0c33a173de44b196388801f26b
SHA256

b7add71116469a02b4144d53dfc96fe057df2777693052b163215b041f26919b
SHA512

7f852d384b0b1259198781e7b4d2147c129d58ee6a64441e14fb858eea2decb07faaa7915b809615465e055f7f933c5423afea53222606be9ac7571a98a6461f
SSDEEP

96:vE8n6RaB4FOueEZEqUzjhnX2ksPft1axFcCDzt110kvu4TlXJM:88nXBMOZEZEFnhGJfA9ft0kvu4T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
13c8788618a87dc2ceca78601765c241_JaffaCakes118

Files

13c8788618a87dc2ceca78601765c241_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f1cc5c55918981ed79c6d3da3d01bbfb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetCurrentDirectoryA
CloseHandle
OpenProcess
FreeLibrary
FindFirstFileA
DeleteFileA
SetFileAttributesA
HeapAlloc
GetProcAddress
LoadLibraryA
GetVersionExA
FindNextFileA
FindClose
GetProcessHeap
HeapFree
WinExec
GetStartupInfoA
GetModuleHandleA
RemoveDirectoryA

user32

MessageBoxA
SetWindowPos
EnumWindows
GetWindowTextA
IsWindowVisible

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA

msvcrt

_acmdln
_initterm
__setusermatherr
__getmainargs
sprintf
_strupr
_strdup
strstr
_exit
_XcptFilter
exit
__p__commode
_adjust_fdiv
__p__fmode
__set_app_type
_except_handler3
_controlfp

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE