5b96018e26117cbb5918e9a50fbe450c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5b96018e26117cbb5918e9a50fbe450c_JaffaCakes118
Size

239KB
MD5

5b96018e26117cbb5918e9a50fbe450c
SHA1

310ae31d5336c50d84a25f7883ef6cc23c0d9f2a
SHA256

9a715975fde6f5b8f24a9a820a6ebb1a1e9d24dc8b131181150d6d9ba062c73e
SHA512

729a634ba2bbd11846b626d63f2fc9aec2e697ec558af2a70cf95473a78911eab7aae45a058d3429141df9a5951a6dc6dc51279f4648f1505905f56998f72914
SSDEEP

3072:yZQSolkGvT4TmTAeOK63f3cgdQW+pKBmUstC9/V1do5+gDTQmobN2cYptXuPbQfG:yZQSRzTl3fWW+pKmFtItX0+9xP8xY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b96018e26117cbb5918e9a50fbe450c_JaffaCakes118

Files

5b96018e26117cbb5918e9a50fbe450c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

69ffd393605d7736db3139f1c25f53a8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess

user32

MessageBoxA

advapi32

RegOpenKeyExA

Sections

Size: - Virtual size: 144KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 97KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 24B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 65KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE