76be78d32da3ba4b5a3405f18af25a87_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

76be78d32da3ba4b5a3405f18af25a87_JaffaCakes118
Size

115KB
MD5

76be78d32da3ba4b5a3405f18af25a87
SHA1

79fc2a2ff8ec35bc59771b261c161157bf7e9d59
SHA256

1aba5338e74baf585077dd2afd383d1c1cf092794485722824c86cbc3f2a4929
SHA512

de3566de7d7be7adca0571c970ec5eae9a35120c2f6ba7e15eafe89bc65e8231f91c00a30ef65acea4ae2c8176e02ab25b4739dd47732dd541a10dd733c3aeca
SSDEEP

3072:ChJNT8jrdcL8RPqgNObtxRBjP7yLlHy3Lrq5uVxe4n:wA/dcgRPwP7ilSbCixxn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
76be78d32da3ba4b5a3405f18af25a87_JaffaCakes118

Files

76be78d32da3ba4b5a3405f18af25a87_JaffaCakes118
.exe windows:4 windows x86 arch:x86

33767223896cf7e33d15e616f9507b17

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileType
CompareStringA
LoadLibraryA
LocalFree
GetProcAddress
GetVersion
LocalAlloc
GetTickCount

user32

TranslateMessage
CharNextA
GetFocus
DispatchMessageA
GetMessageA

advapi32

RegCloseKey

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ