JaffaCakes118_777717ead7a63ff83965fd6187fd6c23 | Triage

Sharing

General

Target

JaffaCakes118_777717ead7a63ff83965fd6187fd6c23
Size

194KB
MD5

777717ead7a63ff83965fd6187fd6c23
SHA1

027c9b469c825893542740869aeb3cf46752d8e8
SHA256

b22309bbdb4d5d0d65e85992761911f449a5eeeaed589ab167c5d20ec7ac2e46
SHA512

41cc79792c374bbd20855e0099f6bc3aa734298ca3a1a2b7b9eefeeb751ca1be41656b2c364ee6f267138de6edd3f5f484e01c2819b5676583b987ac5a715896
SSDEEP

3072:bTaD1fYq1T/av2VUCATjD6nyK96B8AgNJu6hYXs/2OCjahvXnfp2T/gONzYFiwpc:QYU62a21962HbYkjhnfgN4Txn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_777717ead7a63ff83965fd6187fd6c23

Files

JaffaCakes118_777717ead7a63ff83965fd6187fd6c23
.exe windows:4 windows x86 arch:x86

39f1fb3768bde6933502528493990fae

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation

kernel32

VirtualAllocEx
CreateProcessA
RaiseException
WideCharToMultiByte
EnumResourceNamesA
lstrlenA
GetSystemTimeAsFileTime
LocalAlloc
MultiByteToWideChar
OpenSemaphoreW
InterlockedExchange

rpcrt4

NdrFixedArrayFree
UuidCreate

shlwapi

PathFileExistsW

advapi32

RegEnumKeyExA
RegCloseKey
RegOpenKeyA
RegDeleteKeyA
RegQueryValueExA
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA

Sections

.text
Size: 118KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ