009240d0a972ad14a0f66619150560bf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

009240d0a972ad14a0f66619150560bf_JaffaCakes118
Size

131KB
MD5

009240d0a972ad14a0f66619150560bf
SHA1

1b2752eaa7b2cc5e94192aa77f6a31bc433d2730
SHA256

1b4c86abd67f904253dbf82961d7838cd63e572b985492e82f2d6dea589f62da
SHA512

4ab24bc515ab1e39d836add0cb7f59b189f82339e3ad4b44a301891500a122ea7e420ece6dce9cedd8b37e662b3d540fca0d2444f4931b1ab755d92989aed9db
SSDEEP

3072:hAWRIeZHuPNI4Z3XshSD0oeh77yPMqKgsB6G7D7iOc:h9I7I4Zx4PnhqiM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/reg.exe

Files

009240d0a972ad14a0f66619150560bf_JaffaCakes118
.zip
reg.exe
.exe windows:4 windows x86 arch:x86

22deaa3e5166e3019a02358581c9a9ee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

_lopen
ExitProcess

user32

MessageBoxA

shell32

ShellExecuteA

Sections

Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE