073dbf4628f4cd4b4ec329b49338ba29_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

073dbf4628f4cd4b4ec329b49338ba29_JaffaCakes118
Size

69KB
MD5

073dbf4628f4cd4b4ec329b49338ba29
SHA1

0f805f2d9b85c7844ae498fd393319efe436450f
SHA256

033da72c312d0d7c0bc3886f93c2195c56aa69e9346d8b3a7e4ee433cb39411f
SHA512

9e9ee571f13c74abac9c60886e054a54272f639a08286b61d6a9bdf1875b1e10336f4d5930f3aba79110cff540ef7e604ebe37e0eea146dc8258e81bc1f9afed
SSDEEP

768:SGlDPbv8edF0jRQMAqZZrXGYt6nAwtuwCN8/lxG7D+Cgq+U92ZQGHWzHGexc:SGlHk77rZZrXGYt3wt5CNElxYbGexc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
073dbf4628f4cd4b4ec329b49338ba29_JaffaCakes118

Files

073dbf4628f4cd4b4ec329b49338ba29_JaffaCakes118
.exe windows:5 windows x86 arch:x86

34a173be024f6ad6cfa183cd15df59bf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetModuleHandleA
GetProcAddress

oleaut32

SysFreeString

advapi32

RegCloseKey

user32

CharNextW

comctl32

InitCommonControls

Sections

.MPRESS1
Size: 36KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE