261e2864779dee93c2a04aacab96de25_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

261e2864779dee93c2a04aacab96de25_JaffaCakes118
Size

23KB
MD5

261e2864779dee93c2a04aacab96de25
SHA1

86c5dfa65a2c7ea1603b7c76f0b8327549d0ebe8
SHA256

a362b8f7a7bef1788ebde4a1052378b3904f002b9229c1544e66f7bdea04e621
SHA512

d51dd32306df679e658d8fef3f578fe373252b98fdab29d5fdacc8b4826dc0033f132b7e022e77b94a7b455aa421a6edc62ef0687fd2febf54365fb3ea401ffa
SSDEEP

384:ZZqrbbETCI27uDiC45MhlWWHWrVBYkkjuv1hkNLdbaLa4CwUJuUCSFtVcG+We8EU:ZGmlwazWVBxkjuv7wbaLa4PU4wT3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
261e2864779dee93c2a04aacab96de25_JaffaCakes118

Files

261e2864779dee93c2a04aacab96de25_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5ebfabf22b6cc329d2ae8b729a53c2c1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
TerminateProcess
OpenProcess
GetSystemDirectoryA
WinExec
GetTempFileNameA
GetTempPathA
Sleep
GetFileAttributesA
GetModuleHandleA
GetModuleFileNameA
GetPrivateProfileStringA
WaitForSingleObject
ResetEvent
CreateEventA
OpenEventA
CreateThread
GetWindowsDirectoryA
OutputDebugStringA
IsBadReadPtr
GetCurrentProcess
GetLastError
LoadLibraryA
GetProcAddress
lstrcmpiA
CloseHandle

advapi32

LookupPrivilegeValueA

msvcrt

_stricmp

shlwapi

PathAppendA
StrStrIA

Sections

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ