2912809b1018a6e3a0452fe611a5aecc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2912809b1018a6e3a0452fe611a5aecc_JaffaCakes118
Size

35KB
MD5

2912809b1018a6e3a0452fe611a5aecc
SHA1

985e1cd45141e83a3019953915e60fb070e93e03
SHA256

5129df37bbd47e6d461c9d86a9cc099d3c0909420f3bc83965e54cb14c5c34c1
SHA512

40a8ed786c4810cc46fa5c8126589019dc2292be5ca0cdcf691b7cd00479127733ca618b46ddbfa3527a6b0fb7562dd9593c5aec0dd08ebcc02aaa1de355fb8a
SSDEEP

768:vUN3OLN4HRgv5eG2nWho5MyJZjX0wm89OXTogY5ypL7DEM:vYOR4McGE5MyRwTogY9M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2912809b1018a6e3a0452fe611a5aecc_JaffaCakes118

Files

2912809b1018a6e3a0452fe611a5aecc_JaffaCakes118
.exe windows:5 windows x86 arch:x86

33c462b134db3e40310e6cb346b7c2f1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

CharNextW

advapi32

RegCloseKey

shell32

SHGetSpecialFolderPathW

ole32

CoCreateGuid

oleaut32

VariantClear

msvcp100

?_BADOFF@std@@3_JB

msvcr100

exit

dbghelp

ImageNtHeader

psapi

EnumProcessModules

Sections

.MPRESS1
Size: 30KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 868B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE