8954e6c1a18acc2669cadd8b91de6d08_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8954e6c1a18acc2669cadd8b91de6d08_JaffaCakes118
Size

196KB
MD5

8954e6c1a18acc2669cadd8b91de6d08
SHA1

b1bd2dd8ebb7b25581a1f4b03f0e84569b0572af
SHA256

29444bcfa6525f6a31c1b2552d8ea726a8c01b70320516620ad3fff9e9adedaf
SHA512

85f0ab67c1ffb70988ecfbb5beb23a4a95ae14ce9b083acbf8b6e67170f80e18846bae22360836e1879afb08b54c5a11261097b688e67986fb605dc9b11defc0
SSDEEP

3072:zaS/zRNCBwrhPJfNP7FatQMTN8iucpeITKnNmH4PurLV0K:ttNCBQv5F2QMxzH9TKsHmurJz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8954e6c1a18acc2669cadd8b91de6d08_JaffaCakes118

Files

8954e6c1a18acc2669cadd8b91de6d08_JaffaCakes118
.exe windows:4 windows x86 arch:x86

22423eb3058af0ae47f08ce450d03f43

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

CharNextA

advapi32

RegCloseKey

oleaut32

SysFreeString

Sections

.MPRESS1
Size: 11KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 182KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE