65c65b142d21b70205f3c3ddae5074e6_JaffaCakes118 | Triage

Sharing

General

Target

65c65b142d21b70205f3c3ddae5074e6_JaffaCakes118
Size

42KB
MD5

65c65b142d21b70205f3c3ddae5074e6
SHA1

10889d740160502ae1a28daf11baab3ed91344c2
SHA256

187163e6e3954d9e756fc2ea333723bb43c1e51c364d897445c683b4e031e903
SHA512

80e1b9d699d05bec49974d1ccd1d2b9884dc46be4ac093a2909b5370becd1f259859f520474df86ad7657b5d82988b6abadadfa6bd562cf1fec673d5bfbc32d4
SSDEEP

768:B2HQWYW6Ra9q1APNZ8BJWgKKqwROhqjDUVVu2qakyne8TkJk97DB8oV3:2QpupNgRKq/UVVu2Dne8TkJI8oV3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
65c65b142d21b70205f3c3ddae5074e6_JaffaCakes118

Files

65c65b142d21b70205f3c3ddae5074e6_JaffaCakes118
.exe windows:5 windows x86 arch:x86

afa398932923eb2b05addb7041f425a3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

advapi32

RegCloseKey

user32

CharNextW

ole32

CoInitialize

oleaut32

VarUI4FromStr

Sections

.MPRESS1
Size: 36KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE