66362e77aabc694541a8de8f9959f6bc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

66362e77aabc694541a8de8f9959f6bc_JaffaCakes118
Size

68KB
MD5

66362e77aabc694541a8de8f9959f6bc
SHA1

9b3846d96704b873f946893fadc804d3af86692b
SHA256

071dff7d650e1d48502a5a1ea0e0c01f99e4150ae9dbecb83066429006a2831e
SHA512

d47ad770418ebe19090676436e495f008edc5bf6d406196f30d51a534177df53eb0eced0c2d4a33b4e0ea83681d2e7124e4001f01e1fe6e1c27507a2e93e3815
SSDEEP

1536:dq8m/B6PW5t17t4ygbf9s6oHFLh0iZh/Ork3uju2Rk:UR/mQt17Wyg79vo9e0Ork0+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
66362e77aabc694541a8de8f9959f6bc_JaffaCakes118

Files

66362e77aabc694541a8de8f9959f6bc_JaffaCakes118
.exe windows:5 windows x86 arch:x86

185d6c703edbd20db92921090a7aee2c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

GetDC

gdi32

SetBkMode

comdlg32

GetOpenFileNameW

advapi32

RegCloseKey

ole32

CoInitialize

Sections

.MPRESS1
Size: 55KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE