09ed9d09b851589066cf16fb4c293f9b_JaffaCakes118 | Triage

Sharing

General

Target

09ed9d09b851589066cf16fb4c293f9b_JaffaCakes118
Size

38KB
MD5

09ed9d09b851589066cf16fb4c293f9b
SHA1

5c99978fb76de4d0ee2b605e46ed5e923f4f431b
SHA256

9038c93c3f45358ccd2cd14414b3f80a0b5426969d3b5d2e7e2ea7347ec554d6
SHA512

49d23d09804d704564f66e593c4f7cccbc700b346af03b37891edac8c2dff9ec313670736b2292e5be63dbb9dd3e6f7e7bcaaf023af43d3a8662990b1017285b
SSDEEP

768:170vOs9HMJMWYw06B0dRqjrAzb//cg7DNAQCIPyHM2xX/:IOs9HOM5whGTVwQCdBxv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
09ed9d09b851589066cf16fb4c293f9b_JaffaCakes118

Files

09ed9d09b851589066cf16fb4c293f9b_JaffaCakes118
.exe windows:1 windows x86 arch:x86

aefc9fab2e660d2a0275739f5cd899dc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

MessageBoxA

oleaut32

VariantClear

advapi32

RegCloseKey

comctl32

InitCommonControls

Sections

.MPRESS1
Size: 22KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE