a57008027760582deb4d6813250f3c22_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a57008027760582deb4d6813250f3c22_JaffaCakes118
Size

500KB
MD5

a57008027760582deb4d6813250f3c22
SHA1

b9c9c2bd501c7bc26b9f76b631a2d857a1de8968
SHA256

1ad29b7dd4edfda9c56c4d90f4d6691bed85e8c5fb8720b2ef2c8dbeb84d75d2
SHA512

41279cf6cf6b95b9dd73024db6f50e10384ae918035d92c7215e55cfa1270c6b62c6945ff5891c62f4c6ee648e75ce4ebf314703d6cf032d1f64e34fd2895222
SSDEEP

12288:m0zzSEdX8V6MCm3RKrnC0XAG7EtAT1Aa1Q:OEp8Z4rnCwAhtACkQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a57008027760582deb4d6813250f3c22_JaffaCakes118

Files

a57008027760582deb4d6813250f3c22_JaffaCakes118
.exe windows:4 windows x86 arch:x86

de39dc68941cc6307e3b2590c857a907

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA

user32

wsprintfA

advapi32

RegCloseKey

ole32

OleRun

Sections

xsdcc
Size: 424KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

._______
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

^*&)*)*^
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.�!!!!!!
Size: 68KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE