706504d67aa52bf8fff8e20ef005f170_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

706504d67aa52bf8fff8e20ef005f170_JaffaCakes118
Size

124KB
MD5

706504d67aa52bf8fff8e20ef005f170
SHA1

236dd97bed907556a6a30294722fc683c42ce52c
SHA256

c51828ce97604b4db1f803fc0dfc2973c6c83ce1e7df6e4c9992f4e49da41eae
SHA512

e9376d3827d6bbe92bf367ea410131e60ebd14a76cc8ab3860f460eb455745170a4e17448aea65338689a6e9f5af030a6c8a5c61a64692b64dd52dd7c36bc957
SSDEEP

3072:NT7KCAABTBaNbnhCyQjG77XKus34AsjF2Myr:RmCLENL7Ds/sjF2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
706504d67aa52bf8fff8e20ef005f170_JaffaCakes118

Files

706504d67aa52bf8fff8e20ef005f170_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7be5c5c99ea477624b1571421d99f50b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

version

VerQueryValueA

user32

LoadIconA

gdi32

GetStockObject

advapi32

RegCloseKey

shell32

ShellExecuteA

Sections

.MPRESS1
Size: 92KB - Virtual size: 416KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE