07185566655b3f6b4c984ee9cb5be0c5_JaffaCakes118 | Triage

Sharing

General

Target

07185566655b3f6b4c984ee9cb5be0c5_JaffaCakes118
Size

29KB
MD5

07185566655b3f6b4c984ee9cb5be0c5
SHA1

7dceefb852406c238fe330cbffa779281a214391
SHA256

4925c14b164b35b680f9d2bc436045c0512f5e3b3bf16bd0175b59368f667b38
SHA512

ac8476320dc60215acf548ba398ea63304686ac85869f8a0b58b66bd69a97ce8f484d3883adc50f048351b02deebe6a85a1acce1ab9bbafbce8d6ecc3e9085d1
SSDEEP

768:WfN2SshNDuy0OoWc9Ld+Ilj88TpVkle/zaMQ6FN7D7FuH7:+N2SODT0OoW+d+Il9zkle/za16n0H7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07185566655b3f6b4c984ee9cb5be0c5_JaffaCakes118

Files

07185566655b3f6b4c984ee9cb5be0c5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

61a00a48251607f58c1c6afd05b437af

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

CharNextW

advapi32

RegCloseKey

shell32

ShellExecuteExW

ole32

CoInitialize

oleaut32

SysStringLen

crypt32

CryptMsgClose

wintrust

WinVerifyTrust

msvcr90

abs

Sections

.MPRESS1
Size: 21KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE