411f2858a8e51d87a054b225a0af7d77_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

411f2858a8e51d87a054b225a0af7d77_JaffaCakes118
Size

51KB
MD5

411f2858a8e51d87a054b225a0af7d77
SHA1

4207ac3113836fe9123179729f333bc44968c6c7
SHA256

330ba9e535369d60ef8cbc6cc08b35f7d069549da18b39dacc819929f6bec61c
SHA512

6eb60f574b66cd46b49a2f8820392f22da1d58fd5fb4e02fe09062c5a5acda3dae2db3b259c13a1306de783b5e2f1bc79051f3e9542516dfa9d4a7ffa3d82fd3
SSDEEP

768:Gi8WRFoHc5VZbSKLffq2oun9b2YhYDqm8bz7DWB1cR5L+1CZFwHqsXbPUW3n4kc:r88FoHKXn9oCNSDs+SriCfYvXQY4kc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
411f2858a8e51d87a054b225a0af7d77_JaffaCakes118

Files

411f2858a8e51d87a054b225a0af7d77_JaffaCakes118
.exe windows:1 windows x86 arch:x86

aefc9fab2e660d2a0275739f5cd899dc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

MessageBoxA

oleaut32

VariantClear

advapi32

RegCloseKey

comctl32

InitCommonControls

Sections

.MPRESS1
Size: 21KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE