748bc3e416cd9cf1c163ea5152964b4c_JaffaCakes118 | Triage

Sharing

General

Target

748bc3e416cd9cf1c163ea5152964b4c_JaffaCakes118
Size

24KB
MD5

748bc3e416cd9cf1c163ea5152964b4c
SHA1

454d6f161763986aaa691ee106ca572bdc67bcfb
SHA256

e4cf3f892878519ef9ae38e3a53ca763bb2b59d7d39f2c1bf592d3bce59fe2a3
SHA512

fb3e622fd1d0eaa182cff5ebdf6021ef80ba115e9b4f297b0ff94a0479ab5e8486e091d781b83981a3bfda2cfc86d07d7ca1990fd262e90de37e955787eff626
SSDEEP

384:JX888y6s0+8+hgxs+8TxrpfEMMhZojMU0YFk/BgY4lMbTcfB/6LF1FOe:JNlCs+UrpfqZojMU0YFk/Bg9jf1c1R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
748bc3e416cd9cf1c163ea5152964b4c_JaffaCakes118

Files

748bc3e416cd9cf1c163ea5152964b4c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ae0a5112fe1176f4e5f6e1bc95e4c209

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

kernel32

FreeLibrary
lstrcatA
GetModuleFileNameA
ExitProcess
LoadLibraryA
GetProcAddress
lstrlenA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

Sections

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 404B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 360B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE