6309c6eac56b677e4d720e0262e45ade_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6309c6eac56b677e4d720e0262e45ade_JaffaCakes118
Size

47KB
MD5

6309c6eac56b677e4d720e0262e45ade
SHA1

553cca7d9a1deaa0e0cefb6500f1fe0aafee2dca
SHA256

d8a3d88af57e111a6faee19b28d2b577b463fd980a741c3dfa3bfe022b842822
SHA512

6dfdba894a4893b51d25522e389a7b16cab31d5473a94ffa1d76f698d54c18a5deb23f11bf0ee76f6692f65b9bfa2d9429c0c29c2c64329f8c515e41e7e3174b
SSDEEP

768:YhvCDbdnpCKpeRcTRdT1T8MMMMMxMMMMMa:YhKDfeRgdT1oMMMMMxMMMMMa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6309c6eac56b677e4d720e0262e45ade_JaffaCakes118

Files

6309c6eac56b677e4d720e0262e45ade_JaffaCakes118
.exe windows:5 windows x86 arch:x86

93f8a0e7fbc966941b6f411d055a07be

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

advapi32

RegCloseKey

user32

LoadStringA

shlwapi

ord67

Sections

.MPRESS1
Size: 5KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1024B - Virtual size: 948B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE