a6ecca7e7426e321a5f5829265f74552_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a6ecca7e7426e321a5f5829265f74552_JaffaCakes118
Size

103KB
MD5

a6ecca7e7426e321a5f5829265f74552
SHA1

7cc592fd95c5c2bd338f5085bcf0e629bdcea75c
SHA256

18d22bf7e1571aed81280f33fe6817311927e784d56d4b34acfcd14bad324424
SHA512

dfaba1bafaf0ffd3b19352cda2d607a6f09872b51b9e94981ee1d82a89d6d240835f1106db025f2e394b205664c27f86a0dfc730622ea1fb5b53f7b714f283d3
SSDEEP

768:sTZkI8QwjB7mJs/y85QwjB7mJs/y8xPNfbRlUQwjB7mJs/y8x:akIRcBZF2cBZFxpbR7cBZFx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a6ecca7e7426e321a5f5829265f74552_JaffaCakes118

Files

a6ecca7e7426e321a5f5829265f74552_JaffaCakes118
.exe .vbs windows:4 windows x86 arch:x86 polyglot

ae0a5112fe1176f4e5f6e1bc95e4c209

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

kernel32

FreeLibrary
lstrcatA
GetModuleFileNameA
ExitProcess
LoadLibraryA
GetProcAddress
lstrlenA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

Sections

.text
Size: 1024B - Virtual size: 556B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 404B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ