47cc219fe69ee14645e088b4e8bb158b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

47cc219fe69ee14645e088b4e8bb158b_JaffaCakes118
Size

82KB
MD5

47cc219fe69ee14645e088b4e8bb158b
SHA1

42a3b893025fd2f98e1875fd91b045f631c5ffee
SHA256

2f07959d37c7d9d58b07ce608e1fbdf2cd331f4422fc7f8dfef769da2aba0bff
SHA512

8b2ef31853509e2547bfd1059488672cf6672243d0b55b1445de7941b09e76fb217ce542f2497b98fe4dcdde535fac2b8e3b9b338391d3fda2a1d71760ae34e7
SSDEEP

1536:+rD04hQ2wbxw3qSyrCAtD2ADUq59GelE5niMRMlMlc:+rDHAbwqCAtqEBlCnr6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
47cc219fe69ee14645e088b4e8bb158b_JaffaCakes118

Files

47cc219fe69ee14645e088b4e8bb158b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

da911e495472ce7ef3b096a4205c2d4e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

LoadStringW

advapi32

RegCloseKey

shell32

ShellExecuteExW

Sections

.MPRESS1
Size: 64KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE