27520c85d811e4e058a1bfae75bbc65b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

27520c85d811e4e058a1bfae75bbc65b_JaffaCakes118
Size

92KB
MD5

27520c85d811e4e058a1bfae75bbc65b
SHA1

15dcf01dcac78f7f67bc3d0989a578196d8fd5ef
SHA256

f4d20136ede758d736e3b74e1194948437226378778204291879adcc4b1198b5
SHA512

772f399ea1e3718805b29f55fc1616d8ef65675b7688dd36aa5c05e02b2c472ead37bbec647e7aad1a1eecc5f2bb47d27a09021216e59219f20fb92fb1a80386
SSDEEP

1536:1a0WEgmbc+u1sLmNxgGqEsmyXiXMcfll4VJ/aMlOtW1OLKB:1GEZ+eLCQEMiXDf363lO8gLKB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27520c85d811e4e058a1bfae75bbc65b_JaffaCakes118

Files

27520c85d811e4e058a1bfae75bbc65b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e69365015d755f57a834419659a4adfb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WinExec
CloseHandle
WriteFile
CreateFileA
GetWindowsDirectoryA
LockResource
SizeofResource
Sleep
FindResourceA
SetThreadPriority
GetCurrentThread
GetCurrentProcess
SetPriorityClass
GetShortPathNameA
GetModuleFileNameA
LoadResource
GetEnvironmentVariableA

advapi32

RegOpenKeyA

shell32

ShellExecuteExA
ShellExecuteA

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ