fc195d9016cf7517f95259fdc4bea0bf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fc195d9016cf7517f95259fdc4bea0bf_JaffaCakes118
Size

105KB
MD5

fc195d9016cf7517f95259fdc4bea0bf
SHA1

2fd3a195047050108f1c6ceb787a4e78b234a225
SHA256

c61ac084cbac4bdd9b06f0c28015880bc3a059e3e1a9251e79657fe9c015f8c7
SHA512

31e5a8048d59e50d87835b136e78e614412c3d91a3f7196e45a92ca630b5e5a0765caf6b1c7e2949f5fef56f8e60ea89c03a191882f0ef2ee567bb4b7d54ba9c
SSDEEP

768:D+KGZdJueOxr1PuarJHlVBQavxWOf+u4Dt0XtCVJGCIzIsaJHRQCAxtXfq:DDGEr1PDVBQiWe+b0X0nEIs0RQtXy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc195d9016cf7517f95259fdc4bea0bf_JaffaCakes118

Files

fc195d9016cf7517f95259fdc4bea0bf_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9893243f9525b834879b0c6a3aebaa02

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess

user32

CopyIcon
AlignRects

advapi32

RegDeleteValueW
RegFlushKey
RegEnumKeyExW
RegEnumKeyA

Sections

.aemld
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.meohh
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ijan
Size: 67KB - Virtual size: 446KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ibca
Size: 1024B - Virtual size: 815B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 571B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ