fd3ae36efaede351d56306871776e414_JaffaCakes118 | Triage

Sharing

General

Target

fd3ae36efaede351d56306871776e414_JaffaCakes118
Size

286KB
MD5

fd3ae36efaede351d56306871776e414
SHA1

a0d09bcb653e22efb4e9d43756d9db0db43c75ae
SHA256

e2db69e774e50562980195e3820535b9b8bb4e2fd9062f35d1f9a11868a0cece
SHA512

e26e74adf374ee82d8e83ed4ffbc39528d4e38aef973be2e26553f8ed365e02fdaab6eba90737532bec513415b76f362c0802d4dbab68b88c4df7d1f4b2fe6a7
SSDEEP

3072:qk6KMfQUFxdLCspkKNhzDsRq/XthI0TYMDkfV9vxER5Gb80YEAM+x2An2B:qVxLCsLNhzgsTI0TYikf/xEM8UAn2B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd3ae36efaede351d56306871776e414_JaffaCakes118

Files

fd3ae36efaede351d56306871776e414_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ae0a5112fe1176f4e5f6e1bc95e4c209

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

kernel32

FreeLibrary
lstrcatA
GetModuleFileNameA
ExitProcess
LoadLibraryA
GetProcAddress
lstrlenA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

Sections

.text
Size: 1024B - Virtual size: 556B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 404B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 282KB - Virtual size: 282KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ