Static task: static1
Behavioral task: behavioral1
Sample: a269fead2f323b8dc0f020cc65812f3e_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: a269fead2f323b8dc0f020cc65812f3e_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: a269fead2f323b8dc0f020cc65812f3e_JaffaCakes118
Size: 37KB
MD5: a269fead2f323b8dc0f020cc65812f3e
SHA1: c1f128313c4117878c81898b016d98d1556c2371
SHA256: 1ee68dea890f8806a74a125cf3b7d375b3e6e3c3335490cb225d2e20c060fcf2
SHA512: 07161ed87e0c05276b8787849905019f65ec401114dd919111d70639e501315566a1f5c94ba5a2c415dc605b345c396efad0d6501b3788bbc41605ba536f7b37
SSDEEP: 384:Nk9KZL2hVs5/q8S1Tq5Yan/uv2mKXrhPJrPBc/OB8auIgf6GpLIPGOKDiKDiKD:Nk9KZ6McdE5uZK7hRrPqhwgfbpLIPG
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a269fead2f323b8dc0f020cc65812f3e_JaffaCakes118
Files
a269fead2f323b8dc0f020cc65812f3e_JaffaCakes118.exe windows:4 windows x86 arch:x86
b2c06f3e661533906fefc8bfc637bb1e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCurrentThread
VirtualAlloc
LocalFree
LoadLibraryA
LocalAlloc
GetVersion
GetSystemInfo
GetModuleHandleA
GetVersionExA
GetLastError
GetProcAddress
GetFileType
CloseHandle
user32
GetFocus
GetKeyState
DispatchMessageA
TranslateMessage
BeginPaint
CharNextA
GetMessageA
EndPaint
advapi32
RegOpenKeyA
RegOpenKeyW
Sections
.text Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 680B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ