9da47030b91f7a47581494abddbd53c4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9da47030b91f7a47581494abddbd53c4_JaffaCakes118
Size

64KB
MD5

9da47030b91f7a47581494abddbd53c4
SHA1

fdf48d5548275511c09be3f50a5e9bdf87c4d54d
SHA256

4b34a4bb755cc0429a35bad4dca3b78b65c4d5a6dbaa2890177023375f3cb16a
SHA512

23899e285728dadcd1760a2fa0d74e4cb830309c7127c5737bc9a86f8338c672de923764a28e19c7b7cd4334e29e790cd3be2752eb0869b7d474f753c2c2f9c0
SSDEEP

768:cTJvi5b2Zmf+DyEg4VMpzLiRSj8cIFGcG90FQ85yqpzrP0S7DsWWb3na8EQPj:cTkwsMyOafj8cIF7GfWlrqnV7Pj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9da47030b91f7a47581494abddbd53c4_JaffaCakes118

Files

9da47030b91f7a47581494abddbd53c4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9303af5c3d80199bb46639d179f7f6c6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

wininet

InternetGetCookieExA

user32

CharPrevA

oleaut32

SysFreeString

advapi32

RegOpenKeyA

shell32

SHGetSpecialFolderPathA

Sections

.MPRESS1
Size: 35KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE