6dfbe7635db6525dbced681fb6e53cab_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6dfbe7635db6525dbced681fb6e53cab_JaffaCakes118
Size

29KB
MD5

6dfbe7635db6525dbced681fb6e53cab
SHA1

51a2b2fed26870896ddd9532486dd765b0f4ab2a
SHA256

5a795a80c5417471089106250b8d2eed5eae0c710bb9aa078d156671f40e08c2
SHA512

7ab523053db2339e8777766336a7d638a14e6caf1af94d34e8cee8d408c438581aff9bb73f191a0faaae126a7eb43fa6335fc571bd0ccca709e18d5c6c544569
SSDEEP

768:s7hN1yNVb+Qd8gb5xRkUMfrjtTg2e+COUvee7Dxc9:s7Iz+Xgb5xkxCOUven9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6dfbe7635db6525dbced681fb6e53cab_JaffaCakes118

Files

6dfbe7635db6525dbced681fb6e53cab_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d15ec33728f6e654127c15cfd490daee

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

crypt32

CertOpenStore

setupapi

CM_Get_Parent

userenv

CreateEnvironmentBlock

user32

wsprintfW

advapi32

OpenServiceW

shell32

SHGetFolderLocation

ole32

CoTaskMemFree

Sections

.MPRESS1
Size: 24KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE