11e249130d8706cf22f664ae42052d35_JaffaCakes118 | Triage

Sharing

General

Target

11e249130d8706cf22f664ae42052d35_JaffaCakes118
Size

331KB
MD5

11e249130d8706cf22f664ae42052d35
SHA1

ef295c2f88ce96b36fcdd507f2f793835ee3c180
SHA256

8371705067b78d05b36b6b578bd043d7210049cc67007cb65eab43bdfc430935
SHA512

52d9e91bc4958760dd81f4f2bfb10120ff5f63628f3bb90a2209fe0b5ba20fdf4c21c7ec1a571f396d946056af42e868671e7feb9a410b0e111a8960ec1db7a5
SSDEEP

6144:1uJ1pH6I7ooml1fjFQOwJ/5QjnKghmziQDkzqTVvL8YdH+YJwDhUy1bl:gJf6I7ufjFQr/5QD6ziQDkz2vYM+dDfn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11e249130d8706cf22f664ae42052d35_JaffaCakes118

Files

11e249130d8706cf22f664ae42052d35_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fc6a85345fb9ece3deda3fd1c6136fc9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

advapi32

RegCloseKey

hs_regex

regcomp

libeay32

ord1016

ssleay32

ord61

ws2_32

listen

rpcrt4

UuidCreate

Sections

.MPRESS1
Size: 327KB - Virtual size: 952KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE