a67f950bac33db9f10d69462a530f94b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a67f950bac33db9f10d69462a530f94b_JaffaCakes118
Size

451KB
MD5

a67f950bac33db9f10d69462a530f94b
SHA1

15d9962c7df56d24d6622ca7c9bd35d96b88206d
SHA256

b07cbf0e6e2762ba3f61f25ff7543ef7a38511bd606f612a7c1976bc811595c8
SHA512

f0bdb794a44852a6e421a1a7df816046d251765258c1697e14a5fcfc6fcd93ad0f94c9afc398f87ef7a1f3bfaeef9f0ea2ffb3a87274437e8301a1ee43f03ead
SSDEEP

6144:PSfEfEsWDUXZFKDCLRU6M2j1cW8Q1iNhJYlNxlQdVXXvrpxGwn2/lN2kwtvZ7cEA:qLKXLCt2j1cTJ6eRDnr2P2rRBcE2d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a67f950bac33db9f10d69462a530f94b_JaffaCakes118

Files

a67f950bac33db9f10d69462a530f94b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7b8fa6009dfdbb236098903a5d272873

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetModuleHandleA
GetProcAddress
VirtualAlloc
VirtualFree
VirtualProtect

user32

SetFocus

advapi32

RegCloseKey

ole32

ReadClassStm

oleaut32

SysAllocString

Sections

heat.ray
Size: - Virtual size: 1.0MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

heat.ray
Size: 450KB - Virtual size: 452KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE