7c5dc970da0e850e10ecf4e558c6d5b5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7c5dc970da0e850e10ecf4e558c6d5b5_JaffaCakes118
Size

41KB
MD5

7c5dc970da0e850e10ecf4e558c6d5b5
SHA1

ed4c56aec01b91d245e33ed7b7655d66dcff6c30
SHA256

a67b414c1f55f7f8a3ba16ae09bc2ce77820e9979ca510ce83cad2ef04d1811a
SHA512

0f5a2038875cba27f2a9402351a8706c97bb0c4e0a2e26e1d11cbb049d4ef80ec75716cc5b3f8f86eb8c77f62969b40d8e1cf2e87b25623c34de5480431f382b
SSDEEP

768:R4B4vVw4N0WwXU3LZfr2bMvNvFo6r/n8sa:iB4NIW0OBKMFP5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7c5dc970da0e850e10ecf4e558c6d5b5_JaffaCakes118

Files

7c5dc970da0e850e10ecf4e558c6d5b5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

721cc437f7850bdd9c156a87254a1566

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

setupui

?Run@@YAKPB_W0@Z

user32

CharNextW

advapi32

RegCloseKey

ole32

CoInitialize

oleaut32

VarUI4FromStr

comctl32

InitCommonControlsEx

msvcr80

free

Sections

.MPRESS1
Size: 12KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE