a7298edc755be3ee37b94077c5b26337_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a7298edc755be3ee37b94077c5b26337_JaffaCakes118
Size

222KB
MD5

a7298edc755be3ee37b94077c5b26337
SHA1

a2ec113e60b9e0cd8a4af9d24b10cb1c199895bc
SHA256

e1dc0aa58665b9e712ae90fbe98ce315bfcb82f9dc97e8bdfe1c47643bc52938
SHA512

f664a63672c52a64107725d8a7632dbda89dcf40ae2f3f522a9ce9f02af05bbba664382490229c22d04758200c01ad3db08f085d754b9efc1c37df9daf5c611d
SSDEEP

6144:aOksXgnmBnMmjfvurcSKY0K0efL5cD3v4FDJUlvRp:aOk74MmCHOej5cD3ghJij

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a7298edc755be3ee37b94077c5b26337_JaffaCakes118

Files

a7298edc755be3ee37b94077c5b26337_JaffaCakes118
.exe windows:4 windows x86 arch:x86

18e020beeb1eb9779e27a0067c8121be

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetProcAddress
GetModuleHandleA

user32

wsprintfA

advapi32

RegCloseKey

ole32

OleRun

Sections

.MPRESS1
Size: - Virtual size: 588KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: - Virtual size: 953B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE