546eb87a722c968b960fd1d6c724fcdd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

546eb87a722c968b960fd1d6c724fcdd_JaffaCakes118
Size

24KB
MD5

546eb87a722c968b960fd1d6c724fcdd
SHA1

b55cdb078a014240bd9f79b42368fe95e88dc9ff
SHA256

6b059eec6a12c1f5621e113f23e8565b50736babd8dd194415851db348b84a97
SHA512

fdff8175a70fb5709e41965a1c8342f5b4bd75679c104c47af7d6edfc78c023905de9f80082ad5f2fd7f6b9865be28623c300d15cad0f256dc37db372685bc7d
SSDEEP

192:b+QgkDQWv3n4/77AQCDAs0hNW5JN44ITAaHzDo2G4w7+tSK7h9:bKkDx3n4z7AdArhsCDHzc2GJ7HK7h9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
546eb87a722c968b960fd1d6c724fcdd_JaffaCakes118

Files

546eb87a722c968b960fd1d6c724fcdd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ff307b29e9fa3f3824ab50b3a2771cfb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
EnterCriticalSection
LocalFree
GetProcAddress
lstrcatA
lstrcpyA
lstrcpynA
GetFileAttributesA
GetDriveTypeA
CloseHandle
CreateProcessA
lstrlenA
WaitForSingleObject
GetLastError
CreateEventA
SetLastError
CompareFileTime
GetSystemTimeAsFileTime
GetTickCount
SystemTimeToFileTime
GetSystemTime
lstrcmpiA
GetVersionExA
HeapFree
HeapReAlloc
GetProcessHeap
HeapAlloc
DebugBreak
DeleteCriticalSection
InitializeCriticalSection
GetModuleHandleA
GetCommandLineA
ExitProcess
ResetEvent
GetStartupInfoA

user32

MsgWaitForMultipleObjects
GetMessageA
TranslateMessage
DispatchMessageA
CharNextA
wsprintfA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
RegDeleteKeyA
RegQueryInfoKeyA
RegEnumKeyExA
RegNotifyChangeKeyValue
RegFlushKey

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 878B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ