088bd5f59475612b1e771167764e0614_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

088bd5f59475612b1e771167764e0614_JaffaCakes118
Size

105KB
MD5

088bd5f59475612b1e771167764e0614
SHA1

f5f391dbc75c9b6e35241a32a72b2ed9ce51f17b
SHA256

74f78f2e79a39e88690ddd37e13cd4c3a0718033dd4d08ad167958d50d6847d8
SHA512

ff4b9e4d7096585ad022a02d016c893e3296fa194528c81c02618e7961fc013733176a79836464c105b066b78d10a0997a4764e330bb2497fe1048422d46e7a6
SSDEEP

3072:s5sWAKkXDAX2Yb+B1xIul02NlBUFFk8jwaaHw7Koj4rg:sWWA9XNJB1xIuTbUZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
088bd5f59475612b1e771167764e0614_JaffaCakes118

Files

088bd5f59475612b1e771167764e0614_JaffaCakes118
.exe windows:65535 windows x86 arch:x86

bb7bdc49069a19b13e3d44735c8f74e1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
CreateFileA
VirtualProtect
GlobalAlloc
VirtualAlloc
GetTimeFormatA

advapi32

RegQueryInfoKeyA
RegCreateKeyExA
RegOpenKeyExA
RegEnumKeyExA
RegSetValueExA
RegFlushKey
RegQueryValueExA
RegConnectRegistryA

Sections

.text
Size: 60KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE