14303bc55af44b89b0ef7887e57b334e_JaffaCakes118 | Triage

Sharing

General

Target

14303bc55af44b89b0ef7887e57b334e_JaffaCakes118
Size

76KB
MD5

14303bc55af44b89b0ef7887e57b334e
SHA1

6a28564db346aaeb8121e9e4d706a99f89e6b83d
SHA256

7ab083dd907085444c02eeb253876cacafbac61cc04ce6bd2c28ec58fe29ec16
SHA512

c41c3a0c32ad037b70c0965f2b9a7ac7e00b67fd421d9736139ea185ebd8cd749b1ae2df38e4de9409783df2fbd7cc5dd5900e7cc881ffd51b9cff37c7a65249
SSDEEP

1536:RxefglsEbzipGa+J+zuXzaBTs979tJNrjtueWzmDomVMB4Uu7:Rxy+zaJpTs9rvtkaDomVK4N7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14303bc55af44b89b0ef7887e57b334e_JaffaCakes118

Files

14303bc55af44b89b0ef7887e57b334e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

72c191c0e9e13490b983a7609ebdd4fd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

advapi32

RegCloseKey

user32

CharNextW

shell32

ord165

ole32

CoInitialize

shlwapi

PathAppendW

version

VerQueryValueW

msi

ord211

userenv

ExpandEnvironmentStringsForUserW

Exports

Exports

_DecodePointerInternal@4
_EncodePointerInternal@4

Sections

.MPRESS1
Size: 69KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE