ec69a8563702bcbe52dde0bca4999590_JaffaCakes118 | Triage

Sharing

General

Target

ec69a8563702bcbe52dde0bca4999590_JaffaCakes118
Size

105KB
MD5

ec69a8563702bcbe52dde0bca4999590
SHA1

86ef7d27418e41d2b792f37ad9031e7b82e3e663
SHA256

d47ae4628618777a6735bd04faddae372c5210ba10f9117caa69160bcd194637
SHA512

ab9c1e04831bfd6ee7fcba7c0094de710adb7056fa7d6e13c8f1c6849dc168e6775c7907d87ca72af409ade73f6cf686668133dd9f636ccbf0095e798837b9ef
SSDEEP

768:f+KGZdJueOxr1PuarJHlVBQavxWOf+u4Dt0XtCVJGCIzIsaJHRQCAxtXfq:fDGEr1PDVBQiWe+b0X0nEIs0RQtXy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ec69a8563702bcbe52dde0bca4999590_JaffaCakes118

Files

ec69a8563702bcbe52dde0bca4999590_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9893243f9525b834879b0c6a3aebaa02

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess

user32

CopyIcon
AlignRects

advapi32

RegDeleteValueW
RegFlushKey
RegEnumKeyExW
RegEnumKeyA

Sections

.aemld
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.meohh
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ijan
Size: 67KB - Virtual size: 446KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ibca
Size: 1024B - Virtual size: 815B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 571B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ