6386817a6d5e2c52cef49c78bfdf3a0c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6386817a6d5e2c52cef49c78bfdf3a0c_JaffaCakes118
Size

467KB
MD5

6386817a6d5e2c52cef49c78bfdf3a0c
SHA1

d75b678ae8470dcc0cecb2ffc3fac4caf4969800
SHA256

1b16c623fef5ef6d17942a7f96fd58c69eea1926a5c61724b330e357b4c76b6d
SHA512

349aa9d5a7440f317f3f4ffc867fe10b245c75afa637de2b56a8b95e919409aeeb74493405dc7371183cb38bc825fee67eb8aff5936b73998424c9f53c79ba16
SSDEEP

12288:CHdBNmUfWlD/Sms0O6BAflzyOoSujuha95:C9BVG20dAfJCuha95

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6386817a6d5e2c52cef49c78bfdf3a0c_JaffaCakes118

Files

6386817a6d5e2c52cef49c78bfdf3a0c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

268d79a6fa5230c532250deb1f4b7f35

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ExitProcess
GetModuleHandleA

user32

wsprintfA

gdi32

LineTo

advapi32

RegCreateKeyExA

ole32

CoCreateInstance

oleaut32

VariantInit

Sections

pec1
Size: 20KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 437KB - Virtual size: 908KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE