Static task
static1
Behavioral task
behavioral1
Sample
91f6f4239f2d77a356b7d4538266986a_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
91f6f4239f2d77a356b7d4538266986a_JaffaCakes118.exe
Resource
win10v2004-20240426-en
General
-
Target
91f6f4239f2d77a356b7d4538266986a_JaffaCakes118
-
Size
344KB
-
MD5
91f6f4239f2d77a356b7d4538266986a
-
SHA1
67657dd8ea5fc2aa29ecef51968713b05b164d3a
-
SHA256
58085ade09e481395ed955183c43b7274d98c572b6d5dd3bf4b4e8cd3b33a515
-
SHA512
7d2e3455748b6eb0c437012113eee7ffad9675ae10ee8ff5865a616f5a6bc8daf19a42575c4010390b96570e8970c11548b7ab1a77c22da74f3a38138a12ce04
-
SSDEEP
6144:qvXIuQaSHGpjkatL7pCGrx1lLnyd0Pv/fPcbm8FE8knuQ9g:vuQVGpjLLL11IOv/Hcbm8ePnu4g
Malware Config
Signatures
-
Unsigned PE 1 IoCs
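Checks for missing Authenticode signature. A missing signature is a weak indicator on its own, since many benign executables are also unsigned; weigh it together with the other findings in this report.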
resource 91f6f4239f2d77a356b7d4538266986a_JaffaCakes118
Files
-
91f6f4239f2d77a356b7d4538266986a_JaffaCakes118.exe windows:5 windows x86 arch:x86
6ed2e6891d5512be2552769763ea5a9b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
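Imports
Note: only one function is listed per DLL, and GetModuleHandleA/GetProcAddress are present. This is consistent with a packed executable whose stub resolves its real imports at run time, so treat this list as incomplete rather than as the sample's full API usage.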
kernel32
GetModuleHandleA
GetProcAddress
ole32
OleRun
shell32
FindExecutableA
wininet
InternetOpenA
user32
GetDC
comctl32
InitCommonControlsEx
version
VerQueryValueW
advapi32
RegEnumKeyA
oleaut32
SysFreeString
shlwapi
ord12
gdi32
GetDeviceCaps
wintrust
WinVerifyTrust
crypt32
CryptMsgClose
msi
ord168
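Sections
Note: the .MPRESS1/.MPRESS2 section names match those written by the MPRESS packer. Both sections are readable, writable and executable, and the virtual size of .MPRESS1 (936KB) is well above its raw size (272KB), which is consistent with code being unpacked in memory. The static strings and imports therefore most likely describe the packer stub, and the payload has to be assessed from the unpacked image or the behavioral tasks.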
.MPRESS1 Size: 272KB - Virtual size: 936KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.MPRESS2 Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 68KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE