Static task: static1
Behavioral task: behavioral1
Sample: 6fa32cd3b0f8b235cbae10e36f5e7d05_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 6fa32cd3b0f8b235cbae10e36f5e7d05_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 6fa32cd3b0f8b235cbae10e36f5e7d05_JaffaCakes118
Size: 25KB
MD5: 6fa32cd3b0f8b235cbae10e36f5e7d05
SHA1: 8be0951896ddf23d6605d4d53dca466ebce65a7d
SHA256: 5fa65cfc1a8663d1b2aba49d44d914b370cf2a63e054498a8ca8c87aa3a88b3b
SHA512: 7ac7fbede94614c8db798bb8eaeaf33e0e60640df22bb1fad302ed9b5507b0c07b3f91541efe2e9c84c957d8a57a1e33e5436da276799d0cc1bd168f735570db
SSDEEP: 192:+EvicmSJ6V/YJs0nuVoeVqFop4bWG7wB2BLwlbOOwTimAuwD8bK2VxI4XQ84hruV:+AfDmoF1ESOSNHHW4XQ8usbHipIp
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 6fa32cd3b0f8b235cbae10e36f5e7d05_JaffaCakes118
Files
6fa32cd3b0f8b235cbae10e36f5e7d05_JaffaCakes118.exe windows:5 windows x86 arch:x86
ac506b04607be0fb0c0cf7dba6d6cedd
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetProcessHeap
HeapAlloc
RtlUnwind
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
user32
MessageBoxW
advapi32
RegOpenKeyExA
RegOpenKeyExW
Sections
.text Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data2 Size: 512B - Virtual size: 6B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
.data Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 602B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 924B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.CRT Size: 512B - Virtual size: 4B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ