JaffaCakes118_594a3e0b12474de4d6ee6b0875963ca3 | Triage

Sharing

General

Target

JaffaCakes118_594a3e0b12474de4d6ee6b0875963ca3
Size

184KB
MD5

594a3e0b12474de4d6ee6b0875963ca3
SHA1

441cfa3d7f4571b451fed7c0d0337347068e6d33
SHA256

56277931f12806163f3156ef21934697889543ab1b42ae9f102890f756ba38b4
SHA512

d9d51f0385a33d16ef9706547b9f036f4eff7101e46bba8c706d48383a389b78022796df0f9a4ba44b31f22cb32c7ea6c723ab183b1a881a8d5918a69ad57c39
SSDEEP

3072:QlgL/uXZ2Vt8+hokXG82qtophyr/pV7EW6vlRMynaW8kzwqpewitA2ZRCJ0lyWVh:QlG/AudnGdPyjqvlmynaocqpewcNZS0V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_594a3e0b12474de4d6ee6b0875963ca3

Files

JaffaCakes118_594a3e0b12474de4d6ee6b0875963ca3
.exe windows:4 windows x86 arch:x86

53c591d8f0731c51f57aa9a009f3ff53

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExA
RegCloseKey
RegOpenKeyA
RegQueryValueExA
RegCreateKeyExA
RegEnumKeyExA
RegDeleteKeyA
RegSetValueExA

shlwapi

PathFileExistsW

kernel32

VirtualAllocEx
MultiByteToWideChar
RaiseException
lstrlenA
EnumResourceNamesA
GetSystemTimeAsFileTime
CreateProcessA
WideCharToMultiByte
OpenSemaphoreW
LocalAlloc
InterlockedExchange

shell32

SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation

rpcrt4

NdrFixedArrayFree
UuidCreate

Sections

.text
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ