3d588b8f1690a6856329d0aa8648b8b7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3d588b8f1690a6856329d0aa8648b8b7_JaffaCakes118
Size

88KB
MD5

3d588b8f1690a6856329d0aa8648b8b7
SHA1

69dbade0bef9fdc19e15d64b64837fb6fa2629eb
SHA256

a466f72f52c865e83224b494bf23c78df60d963bd4af320c0e530ac3f8499b35
SHA512

3b0aee96bd446ae7aa28c2d836bed6fa87393ee4fcd53daf68490d03add699fbd088aa9589d53a675d1e0500ad3019ce85d9c9ba4e95b710faf7eca6fcc3e590
SSDEEP

1536:QJMbmfin/5L2VjhdLbiHwd1rNUPQprbrDVi1HxD/7/mi4zgsUipMICKHBJsCDuwo:QhY5L2Vjh1GHwd5ePUvrAvDyDzIMLwae

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d588b8f1690a6856329d0aa8648b8b7_JaffaCakes118

Files

3d588b8f1690a6856329d0aa8648b8b7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

34c8d985db2c7cdbb4afc0303fb1652f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

advapi32

RegOpenKeyA

gdi32

GetStockObject

s7onlinx

SCP_open

user32

SetTimer

version

VerQueryValueA

Sections

.MPRESS1
Size: 79KB - Virtual size: 280KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE