b5638bc7e183235a61ae39daf652b5ff_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b5638bc7e183235a61ae39daf652b5ff_JaffaCakes118
Size

36KB
MD5

b5638bc7e183235a61ae39daf652b5ff
SHA1

8d3df3a04c0e0b5344dd9c971835bc64f02310f2
SHA256

51ad2a73548b461d5f185d5a25e25c6d428e825c368cfa3cd0101b69540119c7
SHA512

0b67a89951fb3a4a18d5d3fcd9e20623f181ba53b08e98e527682a006cb0e917b5b65523752a1a7a6f69c42310b533b7b678ba4bf78910f98dbd8c47047f10f3
SSDEEP

768:TBpVV1fmxm+92JtBcQLCHQrb9lBFjO/gayxo1i2jb7DCs:TlV1fm83rLC6BlB5Qgx+T+s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b5638bc7e183235a61ae39daf652b5ff_JaffaCakes118

Files

b5638bc7e183235a61ae39daf652b5ff_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a75fcff497371dd3592ca5957f75771c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

shlwapi

PathAppendW

advapi32

RegCloseKey

ole32

CoUninitialize

Sections

.MPRESS1
Size: 30KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE