Static task
static1
Behavioral task
behavioral1
Sample
110bf893c90be733aa969a891be2ed2e_JaffaCakes118.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
110bf893c90be733aa969a891be2ed2e_JaffaCakes118.exe
Resource
win10v2004-20240419-en
General
-
Target
110bf893c90be733aa969a891be2ed2e_JaffaCakes118
-
Size
147KB
-
MD5
110bf893c90be733aa969a891be2ed2e
-
SHA1
94e544d61b27c23da414c6e7275f65a683ab524c
-
SHA256
bf08f67f61a159591b0a4bee4a7efaea33fc9b6e699c9edbcbb3fe1d20d4a1c4
-
SHA512
22e07d657646c8bb4da3a11ae7e81f0346d0b3dbfbadda0a652b2780bed86aebfdb5a60e6e928a8f943ea86efa775007b3b2667dd49c92cbf07f373d385b488e
-
SSDEEP
3072:HksvmibqPmPaabB0abQ5NabzTU/gSTKhdkoq/Oor2Yj+kXqh:iimPmDB055NabuLedkd5S1h
Malware Config
Signatures
-
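Unsigned PE 1 IoCs
Sandbox check for a missing Authenticode signature; it matched this file. An unsigned PE is a weak indicator taken alone, since many legitimate programs are also unsigned.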
resource 110bf893c90be733aa969a891be2ed2e_JaffaCakes118
Files
-
110bf893c90be733aa969a891be2ed2e_JaffaCakes118.exe windows:5 windows x86 arch:x86
5b16146fb259a8f053c9a17385b1e229
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
GetProcAddress
advapi32
RegCloseKey
user32
IsWindow
oleaut32
SysFreeString
gdi32
DeleteDC
shell32
ShellExecuteExW
ole32
CoInitialize
cabinet
ord20
crypt32
CryptHashPublicKeyInfo
msi
ord118
rpcrt4
UuidCreate
wininet
InternetOpenW
wintrust
WinVerifyTrust
version
VerQueryValueW
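Sections
Note: .MPRESS1 and .MPRESS2 are the section names written by the MPRESS executable packer. The virtual size of .MPRESS1 (412KB) is well above its raw size (123KB), which is consistent with compressed content that is unpacked in memory at run time, and both sections are marked readable, writable and executable. The import list above, with a single function per library, fits a packer stub that resolves the remaining APIs through GetModuleHandleA/GetProcAddress. The static imports are therefore probably not the full set the program uses; the behavioral tasks or an unpacked image are needed for that.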
.MPRESS1 Size: 123KB - Virtual size: 412KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.MPRESS2 Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE