8b4ca2be4c20a7f41a3bacb011d6d147_JaffaCakes118 | Triage

Sharing

General

Target

8b4ca2be4c20a7f41a3bacb011d6d147_JaffaCakes118
Size

34KB
MD5

8b4ca2be4c20a7f41a3bacb011d6d147
SHA1

771e8036cbf8aaeb3ff814ea9137be994627fa0b
SHA256

645877a90b931dedb84de8c58e24e801423e39eeaca3f43d7759f0e46efa2fad
SHA512

4a3b348f84789f69e84603a996e8be63bc1ae0edb64e19e99067fd42be39fb0a3c39c062a36be4ad7956a81c5b2111f4ab18c91bb33f52dc23627e99eecfa8dd
SSDEEP

768:w70vOs9HMJMks2ALwZvobqG5KarwX8dUNJg7Dr0sxF:jOs9HOMPJwZX58duYxF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b4ca2be4c20a7f41a3bacb011d6d147_JaffaCakes118

Files

8b4ca2be4c20a7f41a3bacb011d6d147_JaffaCakes118
.exe windows:1 windows x86 arch:x86

aefc9fab2e660d2a0275739f5cd899dc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

MessageBoxA

oleaut32

VariantClear

advapi32

RegCloseKey

comctl32

InitCommonControls

Sections

.MPRESS1
Size: 22KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE