729e48bf2f40a750ff41f67fa56b550b_JaffaCakes118 | Triage

Sharing

General

Target

729e48bf2f40a750ff41f67fa56b550b_JaffaCakes118
Size

50KB
MD5

729e48bf2f40a750ff41f67fa56b550b
SHA1

c6756ad59ea442216b3e66309454588e56a42531
SHA256

6c55e6f97bf0bc0f747c41be0f4c24506565e70e4cd905bf6824045ddc8d09e5
SHA512

1ac108c6c98e1130c9811032b5d5bd485c3ca096470ce49ea5014fd3d0643be8855ad6c304a093e2845ac1ab9424e8d5f1eb3e964bfa4ecf9144a1e5ebcafb6f
SSDEEP

1536:834/PC7Ruz3hRXRASULZ6JKYdbzcmhCZnb:It7R8fU6n8b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
729e48bf2f40a750ff41f67fa56b550b_JaffaCakes118

Files

729e48bf2f40a750ff41f67fa56b550b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b892955ae494fe908bdf52e81e1dfa4c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetProcAddress
VirtualAlloc
VirtualFree
VirtualProtect

user32

EndPaint

advapi32

RegCloseKey

shell32

ShellExecuteA

ws2_32

WSAStartup

iphlpapi

GetAdaptersAddresses

Sections

UIJDHTEY
Size: - Virtual size: 152KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UIJDHTEY
Size: 47KB - Virtual size: 48KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE