4deae0a927d7ed0e87d0640d278065b3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4deae0a927d7ed0e87d0640d278065b3_JaffaCakes118
Size

38KB
MD5

4deae0a927d7ed0e87d0640d278065b3
SHA1

2b081b1d32e4f3580de3a43c1f4c579a56ca0d62
SHA256

93941a47e0a8cf940b6a6fd26f1ed2b4f2071f1413973db2b08679e2e7cae1f4
SHA512

7fd9ffef230f883c2679c91766fdbca5d035eac51773f72d1398399f2a604b04f519946f4f9e3c7d6ba6e2b702744098a60a28d1c22bb0fa4e7cc0d307d91958
SSDEEP

768:xBWqBl5PvC1273mF9/fzNtHeC7v9kYab3Vc7mcfQYj:191sdfzNr9kYa7Vi9j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4deae0a927d7ed0e87d0640d278065b3_JaffaCakes118

Files

4deae0a927d7ed0e87d0640d278065b3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d45a2db2797a73556dda33f903e00e06

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualFree
GetLastError
ExitProcess
VirtualAlloc
GetVersion
CloseHandle

advapi32

RegCreateKeyExA
RegCloseKey
RegSetValueExA

Sections

.text
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 364B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE