66e180bfcac72cc9dafa0146cb07dbb5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

66e180bfcac72cc9dafa0146cb07dbb5_JaffaCakes118
Size

111KB
MD5

66e180bfcac72cc9dafa0146cb07dbb5
SHA1

4477c2d7741c985b6d4df9247854affa62ef0f4e
SHA256

e703386b9ad151b23034ec0c41b130008068e50ddc1a1cf11d33ebca9c4d05d6
SHA512

be63121393d8cd3c1ee665ae0b75c66d8eb749e8d53409f43e92b81cde56bf3cd0973d50213c2062a81dd55358a79978c71da9201c421a179e9ce2cf56754917
SSDEEP

3072:2hUwvEkhjd8g8YVF2Q7SvderZgdOin5mC:bkVh5GYVF2Q74derZgdpn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
66e180bfcac72cc9dafa0146cb07dbb5_JaffaCakes118

Files

66e180bfcac72cc9dafa0146cb07dbb5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d1fb5613132bdf47bdba54836948e4a9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
GetCurrentThread
GetSystemInfo
GetVersion
GetCurrentDirectoryA
CompareStringA
GetVersionExA
GetModuleHandleA
CloseHandle

user32

GetFocus
DispatchMessageA
GetMessageA
TranslateMessage

advapi32

RegCloseKey

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ