8df4a3f65fdeca3d9a2487bb413c774a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8df4a3f65fdeca3d9a2487bb413c774a_JaffaCakes118
Size

90KB
MD5

8df4a3f65fdeca3d9a2487bb413c774a
SHA1

eac41ea92e6f161d271c22ca11a5fe540a405bfe
SHA256

df90d277e4068db0e9e7f4efeebf8f0057b33dfe270109a1721b32fd3eb0f05f
SHA512

bb29d32b5bc798e21b2a09e81ba6edbda5f34a441fac5c05ddc47a09db5f5bd865ac86f61309a872b9ea11f117a407278180fdfedaa59b3438e6b6654f4fa9b0
SSDEEP

1536:SvuNymlE4vFJKE03vRQ+UNd2LjLggES46dvoPiJIPf1vCVPM/2jA/4USTJvmPh1F:rNyc503vR1r3uArJIVC9USTJ+Pb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8df4a3f65fdeca3d9a2487bb413c774a_JaffaCakes118

Files

8df4a3f65fdeca3d9a2487bb413c774a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7be9c39306de47e258b706989418a157

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

LoadStringA

advapi32

RegQueryValueExA

oleaut32

SysFreeString

ntdll

RtlDecompressBuffer

Sections

CODE
Size: 75KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE