8b00644c088f2b961a8cf46825de6275_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8b00644c088f2b961a8cf46825de6275_JaffaCakes118
Size

30KB
MD5

8b00644c088f2b961a8cf46825de6275
SHA1

565c27689cc4fc2e5ee73beb62d46f126d187c4e
SHA256

c33865c50be954ac07ed70ee2ea1494242d3cd78dc7ad8baa6ca359376e33809
SHA512

57fb974f71f78265d141fbde36b1502d403978c5c20a5d68373e82091788915519ea42bae69f60289a472f4852c8e4c96c09e21cd458238d04a4cd95e798c4e3
SSDEEP

384:a8aCPauSSfCe6C4ay4fZ2aQn1Pbp/Cnh840ZJdys+7ste+bMYjRae+3CCKrLno6q:TpSSfn6D8ONbp/qX0ws+ke+4EkRKJz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b00644c088f2b961a8cf46825de6275_JaffaCakes118

Files

8b00644c088f2b961a8cf46825de6275_JaffaCakes118
.exe windows:4 windows x86 arch:x86

04ad82a4e6a44ced607b4bc60359ba50

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryA
ExitProcess
lstrlenA
lstrcpyA
lstrcatA

user32

MessageBoxA

imm32

ImmInstallIMEA

advapi32

RegCreateKeyExA
RegSetValueExA
RegCloseKey

Sections

.text
Size: 512B - Virtual size: 444B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 424B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 344B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

owgqpug
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE