35349d10e12957a8d5a2ca9b5881f719_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

35349d10e12957a8d5a2ca9b5881f719_JaffaCakes118
Size

104KB
MD5

35349d10e12957a8d5a2ca9b5881f719
SHA1

ce983bd58053fe89e774551a9808dc5a8db90a4f
SHA256

be85a4ee35ba618b257026b6aa01b358e5a789d15ccec7e6a9380202dc3363d7
SHA512

8c152ec5d8c89836aa087cc6572b809655fee735887d87b43b75ebcd34b89af6f908540ec4bbc3890ca23f4d9a5d545410c96070a429f5c54499d31656ae40ba
SSDEEP

1536:Oft/UJNoLHLoOTcQpjTGZTg57qCe9oodOOHSr42aeEKIg4:CYC/oQp/GZ87GyodDHSr428Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
35349d10e12957a8d5a2ca9b5881f719_JaffaCakes118

Files

35349d10e12957a8d5a2ca9b5881f719_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1e63e5d518c81934713656fb7d6cac6a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA

user32

LoadIconA

advapi32

RegCloseKey

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 546B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ