43cd1abd89484404c623f677713657da_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

43cd1abd89484404c623f677713657da_JaffaCakes118
Size

776KB
MD5

43cd1abd89484404c623f677713657da
SHA1

473a44cd0fe64114d3214eb11aaf17288496c6af
SHA256

73f9c8dcf55c51162003de0eb4f4c875330d412a08f0d7ee22c1ce5d1cc51e22
SHA512

571d5a15617a0b263bde8d6cddc00763c824297177a4598a39b365f9c60b240f6ee6ce32f7b50e37a17a354d8283a2c145001adb0618f0941b44083422864323
SSDEEP

12288:BGx9Rmcwic7E7BSAu1YorUKQVC3MMDdSVc0kzj2TJTBf9M5Oq:BW/kic7EoAa+Z4rDj2TJTBS5Oq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43cd1abd89484404c623f677713657da_JaffaCakes118

Files

43cd1abd89484404c623f677713657da_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e69365015d755f57a834419659a4adfb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WinExec
CloseHandle
WriteFile
CreateFileA
GetWindowsDirectoryA
LockResource
SizeofResource
Sleep
FindResourceA
SetThreadPriority
GetCurrentThread
GetCurrentProcess
SetPriorityClass
GetShortPathNameA
GetModuleFileNameA
LoadResource
GetEnvironmentVariableA

advapi32

RegOpenKeyA

shell32

ShellExecuteExA
ShellExecuteA

Sections

��F��4
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��F��4
Size: 764KB - Virtual size: 763KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

��2�7
Size: 4KB - Virtual size: 127B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE