5480027887368aed50784a32480109f0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5480027887368aed50784a32480109f0_JaffaCakes118
Size

113KB
MD5

5480027887368aed50784a32480109f0
SHA1

d84c95e08ee0a4c3275da29f6a205e9b49027d75
SHA256

63aa084ac5df2abf198f94196cb286e437b86e7a61544b662c6a0ce52fd25a2b
SHA512

8a1c157556686ff511f5da46a585cae41b28d1a4827ca469ec156ad410341ec931e7d31e47ed0659dd379c48c514e358c2766ad1b4f3f9c5c936b6d7ca33fbce
SSDEEP

3072:Z+oGRLYnyXyw+oGRLoy+oGRLEPS2jbxWGqsS2jbxWGq:k0nyi1Uz4PSbGqsSbGq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5480027887368aed50784a32480109f0_JaffaCakes118

Files

5480027887368aed50784a32480109f0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

adb6341d6f8de5fe90e13c8659e920ad

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
GetStartupInfoA
GetModuleHandleW
VirtualAlloc
GetModuleHandleA
GetLastError
GetDriveTypeW
FormatMessageW
DeviceIoControl
CloseHandle
CreateFileA
CreateFileW

user32

RegisterClassExA
LoadIconW
LoadIconA
LoadCursorA

advapi32

RegDeleteValueW
RegCreateKeyW
RegCreateKeyExW
RegCloseKey
RegOpenKeyA
RegOpenKeyExW
RegQueryValueExA
RegQueryValueExW
RegSetValueExW
RegOpenKeyExA

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ