16cc059b5a4e32c3014f2d3936b80cb8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

16cc059b5a4e32c3014f2d3936b80cb8_JaffaCakes118
Size

292KB
MD5

16cc059b5a4e32c3014f2d3936b80cb8
SHA1

765053af3be7c98a21d5d284b30e2ddf5dd0a30f
SHA256

c2d19604309132db1c2e15a4f4177a37972a8c0374462cf78ab8f38df81711aa
SHA512

ae719a87848b4d6b6612d596874f3fbcc67e41876f304ab0e66c1046bf5b21fe1e7fcd661426779de6d832662550b6d78f94e5403a51d6707ca1f5ce40884f85
SSDEEP

6144:it0HL06pfsMV9FiHHVuXxmdalirNQCpnq0pomoxj1qVHOo:s046pxH8HGHmoxj1qHOo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16cc059b5a4e32c3014f2d3936b80cb8_JaffaCakes118

Files

16cc059b5a4e32c3014f2d3936b80cb8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f81e35941fbe301da017973a11ad7823

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetBinaryTypeA
HeapAlloc
SetCurrentDirectoryA
HeapFree
GetFileSize
GetProcessHeap
GetWindowsDirectoryA

ole32

OleUninitialize
OleInitialize

winmm

GetDriverModuleHandle
timeGetTime

shlwapi

SHDeleteValueA
SHDeleteEmptyKeyA
SHCopyKeyW
SHGetValueW

user32

wsprintfW

advapi32

RegCloseKey

msvcrt

malloc
free

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 244KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1006B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ