0f743ffab5e55b5e5825b4bca3457966_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0f743ffab5e55b5e5825b4bca3457966_JaffaCakes118
Size

86KB
MD5

0f743ffab5e55b5e5825b4bca3457966
SHA1

bec3acce6748579a14d082ca58f3529fa62368f5
SHA256

ccc2e78acc87683ff3def69f1bd52c100b366ef545564047bd2eb0089e9e9b47
SHA512

2ff20ff46f8637f6632eafb03d8ea83bc5ff754051cb3ff72bf85e8e1709afb1c5cb7e4fd13bef482b29805f85025344f1702bfbd1cb8928142fd48f476dd794
SSDEEP

1536:hYE/xBuRSArSAjl19brFts/Iy43eLK8N9AvkiaMsnT7o6/:1BuRqAB1LtsK6KtvkignTM6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f743ffab5e55b5e5825b4bca3457966_JaffaCakes118

Files

0f743ffab5e55b5e5825b4bca3457966_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5a2dd16920daebed465899f63649cbc7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

comctl32

ord17

version

VerQueryValueW

user32

LoadIconW

advapi32

RegCloseKey

Sections

.MPRESS1
Size: 55KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE