Static task
static1
Behavioral task
behavioral1
Sample
a0e816ae09c6ff5434a8000a3428fff5_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
a0e816ae09c6ff5434a8000a3428fff5_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
a0e816ae09c6ff5434a8000a3428fff5_JaffaCakes118
-
Size
768KB
-
MD5
a0e816ae09c6ff5434a8000a3428fff5
-
SHA1
97e59aeda209a2ece4ba6c7fd5fa1f28efbb0587
-
SHA256
36c780fb2d44716ec8e470f09cdbae9ea76fb7847e8880c6654ead1a16c1b4f8
-
SHA512
8c5a8252a7bb551540fd4338069155bf4217f311ec4db519d0d6ace0266467771e209e428d78d5dd7b7b35827d03d85538a20c3db90fb589cd614f30f27ea417
-
SSDEEP
12288:wi1x55UIEhlCXvkXVg8IBjLvl8NLrcgIHMlNCQQUivUqzxmmPCiRG:BGIEuvQERvWxrctHMlNCQQUi8ohw
Malware Config
Signatures
-
Unsigned PE 1 IoCs
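Checks for a missing Authenticode signature; this sample is unsigned. Many legitimate binaries are also unsigned, so treat this as a weak indicator to weigh alongside the other findings.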
resource a0e816ae09c6ff5434a8000a3428fff5_JaffaCakes118
Files
-
a0e816ae09c6ff5434a8000a3428fff5_JaffaCakes118.exe windows:1 windows x86 arch:x86
187553847b5ea54b105cce03f3a97423
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
iphlpapi
GetAdaptersInfo
kernel32
GetModuleHandleA
GetProcAddress
CloseHandle
RtlUnwind
user32
GetCursorInfo
crtdll
__GetMainArgs
exit
raise
signal
setupapi
SetupDiOpenDevRegKey
advapi32
RegOpenKeyExW
RegSetValueExW
RegQueryValueExW
RegCloseKey
Sections
.text Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bss Size: - Virtual size: 40B
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 120KB - Virtual size: 120KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 844B - Virtual size: 844B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc2 Size: 300B - Virtual size: 300B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE