69417186b62b06daf910fcf78aa384eb_JaffaCakes118 | Triage

Sharing

General

Target

69417186b62b06daf910fcf78aa384eb_JaffaCakes118
Size

21KB
MD5

69417186b62b06daf910fcf78aa384eb
SHA1

7154b25b30d6e2cb2f318d3520168845b8b45690
SHA256

c9c285e4b54cbd3729da81ff29a35511194fa41e7c817605b153fa2d46e3f41f
SHA512

ccff2f9fc329b79ff9e5f85348d1213a383eca440388c7e07d2c787bcf7fbef055baa4054868771c2a396d9aae78090542da9d3259dbe3317162eda01f20a15c
SSDEEP

384:HSiYMCLL2JislHYXVpmztikM8C2qkAzX9JtVEdDgp+AV69N8+YZ1g7vvxlL2:yiYMCLL2lsVyiklC2clEdDO+6gN81Y7y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
69417186b62b06daf910fcf78aa384eb_JaffaCakes118

Files

69417186b62b06daf910fcf78aa384eb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2539d17f40a751400daf5c0ecb83a335

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

advapi32

RegEnumKeyA

Sections

.MPRESS1
Size: 17KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE