5e8716b7f35e8db19ebd1fb3dd0671ab_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5e8716b7f35e8db19ebd1fb3dd0671ab_JaffaCakes118
Size

183KB
MD5

5e8716b7f35e8db19ebd1fb3dd0671ab
SHA1

7016b6cbe84949105e93822f9f7a647590827f57
SHA256

22afa4e31746345474de546cb15a2b09de0899a7bd27f0fdaf7d7d45b6c298e2
SHA512

184f1259311f18a370deaba819a2e14581b122c2a84b90eea0c4a9926629238e8e70a3d2990cf8b271077e967ec6c51364a78f81e84616e28303d12cb7158e92
SSDEEP

3072:oTVe+hrM93FXSJQLxdsxHtAtapRxRqG9//29BukYR0zS2W:ae++9pkMx2cUpRDbe9I1R0z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e8716b7f35e8db19ebd1fb3dd0671ab_JaffaCakes118

Files

5e8716b7f35e8db19ebd1fb3dd0671ab_JaffaCakes118
.dll windows:5 windows x86 arch:x86

06ae03ea7228620257073806e196dbca

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

ole32

CoCreateGuid

msvcr90

free

advapi32

RegFlushKey

user32

CharUpperW

Sections

.MPRESS1
Size: 176KB - Virtual size: 524KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE