1768ea967507f8b35c5049f70a3ea44f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1768ea967507f8b35c5049f70a3ea44f_JaffaCakes118
Size

79KB
MD5

1768ea967507f8b35c5049f70a3ea44f
SHA1

562ce9516a24bd8c21673382afbc3e67537c95fd
SHA256

817e857e962760cf07f287a3c67c4a7d20b3a5631c25b71eb7956121cc2d3985
SHA512

348e34678a2298326207f197f96a21de2be74fd3651a8eaf1b8f75d7d6e327ba2ba545b0db65abf4e913c73bda8f331541128827d14e3d80e844e621dd1d8a44
SSDEEP

768:Ir7M+i+4s+rMZBXUeAqb5pk6wI/RDw4pVCugE1rUKZLQzr54+5DS/sIclVF1/7EM:1wKe1g5e/sIcfH3iWejp2TDH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1768ea967507f8b35c5049f70a3ea44f_JaffaCakes118

Files

1768ea967507f8b35c5049f70a3ea44f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e9c13585a8aee60e318f97b1ef73ddc1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FormatMessageA
WriteFile
CopyFileExA
GlobalFree
DeleteFileA
GetFileTime
CompareStringA
HeapAlloc
FindClose
FlushFileBuffers
GetFileType
lstrlenA
ExitProcess
GetStdHandle
GetCommandLineA
HeapFree
OpenFile
ReadFile
CopyFileA
GetLastError

user32

CopyRect
DrawTextW
GetDlgItem
IsWindow
CopyImage
DrawIcon

advapi32

RegCreateKeyA
RegFlushKey
RegOpenKeyExW
RegGetKeySecurity
RegEnumKeyExA
RegDeleteKeyW

Sections

.437b
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.db14
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.d1644
Size: 40KB - Virtual size: 396KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.h8hh
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ