95cb69c55ba18a20a53d8cdea14692d3_JaffaCakes118 | Triage

Sharing

General

Target

95cb69c55ba18a20a53d8cdea14692d3_JaffaCakes118
Size

128KB
MD5

95cb69c55ba18a20a53d8cdea14692d3
SHA1

65e9b7fb2c00e28e6a6f9486a86183be48c5195a
SHA256

9c67a125a32462baf35f327be86b064da87d508419519d45cfd6327f92a0c867
SHA512

55579a48083fbb8a4bf7c9f8b012390797b0efa7ff4560ba908ab890b279c88bc0374311f5e2b22d65c84a8ed3b7e8f479f2c2e813eb9d3ab213db7be05f28a9
SSDEEP

3072:V5wkhcI9CqZcJkl/1bxb86ey29DAUMMLXvOy9Md9p:V5wiV9Cqh/1bHRUMQgn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
95cb69c55ba18a20a53d8cdea14692d3_JaffaCakes118

Files

95cb69c55ba18a20a53d8cdea14692d3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

88dab687fa9ee860bc2c24b861c5e8b6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp

kernel32

GetStartupInfoA
LoadLibraryA
VirtualProtect
GetModuleFileNameA

user32

SystemParametersInfoA
MessageBoxA

advapi32

RegQueryValueExA

shell32

SHGetSpecialFolderPathA

imm32

ImmInstallIMEA

Sections

.text
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dsf0
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_WRITE

.dsf1
Size: 116KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ