33df8520d61986a391f26128c8201c3f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

33df8520d61986a391f26128c8201c3f_JaffaCakes118
Size

52KB
MD5

33df8520d61986a391f26128c8201c3f
SHA1

05cf8a82dbba9ae41a1ebcba67a20531f2ad9eeb
SHA256

c78aa2e8c4e8c7f29440aca90131014cd278431dba2568565dd561f80768e123
SHA512

788a8a3fa8a9b1df1a0a2a8f4eb2433a09b599a965ed951d8d9ffb2c63dc48b83be729f9ce57f6798d46ed649e5c38e4d8e1cdcf1621109dc9214276605773e7
SSDEEP

768:EX8w+r/6hukz9sBKw5+tF1P161u17J5NFKu6EIqz4y74R43lX8tDbHSY:67KQu+szy7HlX8t/SY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33df8520d61986a391f26128c8201c3f_JaffaCakes118

Files

33df8520d61986a391f26128c8201c3f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ae0a5112fe1176f4e5f6e1bc95e4c209

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

kernel32

FreeLibrary
lstrcatA
GetModuleFileNameA
ExitProcess
LoadLibraryA
GetProcAddress
lstrlenA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

Sections

.text
Size: 1024B - Virtual size: 556B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 404B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ecode
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ