1677180a1bf2df37a61a98c779783c72_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1677180a1bf2df37a61a98c779783c72_JaffaCakes118
Size

20KB
MD5

1677180a1bf2df37a61a98c779783c72
SHA1

65d054f30877037f83ba029940a9bd5cb74ece2c
SHA256

1e395e87363aa4b42903fdba91a6c004986336637a9096e849c0660cd4a61ed7
SHA512

ab3de47a731bce8dd84fa89d56c420eab9af1b01dc82ba016a2d6b7ed59ec6130d96e6afc29a092dcc4bd6d97e1beb1ad7ba3aae9057b13af76b50cbe192e6b8
SSDEEP

96:aJvDDyYA4T9JhI2umUT1nd6376jboU++HvG+f+Za+UXe1wrhhPv:aRDDyYXYXj237obX9HvGIKa+NKFh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1677180a1bf2df37a61a98c779783c72_JaffaCakes118

Files

1677180a1bf2df37a61a98c779783c72_JaffaCakes118
.exe windows:4 windows x86 arch:x86

84ddab184dc34dd62f940d5fedd948e5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpynA
CloseHandle
CreateProcessA
lstrcpyA
WaitForSingleObject
GetLastError
CreateEventA
SetLastError
lstrcmpiA
lstrcatA
lstrlenA
HeapFree
GetProcessHeap
HeapAlloc
GetModuleHandleA
GetCommandLineA
ExitProcess
ResetEvent
GetStartupInfoA

user32

GetMessageA
TranslateMessage
DispatchMessageA
CharNextA
MsgWaitForMultipleObjects

advapi32

RegFlushKey
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA
RegDeleteValueA
RegNotifyChangeKeyValue
RegSetValueExA

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 316B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ