65d28c1458bce99f2291d531ead6da3e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

65d28c1458bce99f2291d531ead6da3e_JaffaCakes118
Size

49KB
MD5

65d28c1458bce99f2291d531ead6da3e
SHA1

36a553e814a43f317e94f9ea67f167e708116d21
SHA256

8a7ebe65194a0e3cacd99c9f06b78fb39dc2884f0aec16583ec9abeffaafe04c
SHA512

b19f0e7b1a2b1531ac87b61eeb90ae22fc710157e973b1d4dfae70e05632072bf5cac4078e592ed5946f2f9ea44177b8eb377aa39bc15f9f20c17d5c667c6cc6
SSDEEP

768:E41Ag6b6NlYZpWIvOLqPJStFzLhK9BP855de8C0ng:E46b3HQ3KU5be8Bng

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
65d28c1458bce99f2291d531ead6da3e_JaffaCakes118

Files

65d28c1458bce99f2291d531ead6da3e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

405634793234cc7116e319172d86ae59

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

advapi32

RegQueryValueW
RegOpenKeyExA
RegSetValueW
RegEnumKeyW
RegDeleteKeyA
RegQueryValueExW
RegQueryValueExA
RegOpenKeyW
RegCreateKeyW
RegCreateKeyExW
RegEnumKeyExA
RegDeleteValueW
RegEnumValueA

user32

DrawIcon
CopyIcon
GetDlgItem
CopyImage
EndDialog
CloseWindow
GetWindowTextA
GetCursor
GetMenu
DialogBoxParamA
CopyRect
IsWindow
GetFocus
DrawTextW
IsMenu

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bbs
Size: - Virtual size: 54KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 783B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 153B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bbs
Size: 512B - Virtual size: 34B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ