Static task
static1
Behavioral task
behavioral1
Sample
4307e280a36edb651ed47b1fda5fa538_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
4307e280a36edb651ed47b1fda5fa538_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
Target
4307e280a36edb651ed47b1fda5fa538_JaffaCakes118
Size
28KB
MD5
4307e280a36edb651ed47b1fda5fa538
SHA1
e9704d1f16b81da1fd158fdfb385cf94594c7895
SHA256
dcf13e9602a98fcc00a0ea6ac8aa69f2971d322f7949f4ef171c8a5a85192cf9
SHA512
af8ee9e27ccb06d21996e13157bf64139a79e1e382ccf738f6d469be11564d5925cf2a27e0d66b394517ce38500e5aa1ce66e9cea62e7edde583946f187ba831
SSDEEP
384:114ZiOxo39AGwV78VvPoqDJRHsG/UBLIFRZniPqMTmIQVano43NpirXrZEe7dZC0:11rOC8V78VvANX+nZiBQKjirXriOdb
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4307e280a36edb651ed47b1fda5fa538_JaffaCakes118
Files
4307e280a36edb651ed47b1fda5fa538_JaffaCakes118.exe windows:4 windows x86 arch:x86
c1bb9474222ee542fd4e0ff9404b0775
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CloseHandle
ExitProcess
GetACP
GetCommandLineA
GetModuleHandleA
GetOEMCP
GetPrivateProfileStringA
GetStartupInfoA
HeapAlloc
LoadLibraryA
RtlUnwind
SetLastError
lstrcmpA
lstrcpynA
user32
LoadCursorFromFileA
EndPaint
EnableScrollBar
DispatchMessageA
CharPrevA
CreateIconFromResource
advapi32
RegQueryValueA
RegEnumKeyA
RegCloseKey
RegOpenKeyExA
RegLoadKeyA
setupapi
SetupFreeSourceListA
SetupGetInfFileListA
SetupFindNextMatchLineA
Sections
.text Size: 7KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 9KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ