3a6e53ee7be04c728c64c04f5d2d3450_JaffaCakes118 | Triage

Sharing

General

Target

3a6e53ee7be04c728c64c04f5d2d3450_JaffaCakes118
Size

52KB
MD5

3a6e53ee7be04c728c64c04f5d2d3450
SHA1

3c6af3fd4d0f7eb688b4fafda3ae5b42d0f4db61
SHA256

92dff805e0ec64dd174ad45c87743d096fce30ffe959c2562b1a9d7c7afa87aa
SHA512

caedfb56cd526fba2ebcec8780888b1d21bce7032444962a540a03494930b59504211189ca0570cb5e4299133d6177a70161e384cac435be9577d996fe8437a3
SSDEEP

768:jUhmD58iqv7V5aJv34eacRcgBR99bYoMd/MzBAXGDlxLsCCw7DJ:wYd0V5SaGcgBR9xYRMWGDHsCF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a6e53ee7be04c728c64c04f5d2d3450_JaffaCakes118

Files

3a6e53ee7be04c728c64c04f5d2d3450_JaffaCakes118
.exe windows:6 windows x86 arch:x86

804ae0a99a8f77ad8e763cbbbb214815

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

advapi32

RegCloseKey

msvcrt

exit

user32

CharUpperW

mpr

WNetGetLastErrorW

ole32

CoUninitialize

oleaut32

SysStringByteLen

secur32

GetUserNameExW

ws2_32

WSAGetLastError

netapi32

NetApiBufferFree

shlwapi

StrChrW

version

VerQueryValueW

Sections

.MPRESS1
Size: 46KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE