a95b89596f036f45b727b2f3f5cea158_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a95b89596f036f45b727b2f3f5cea158_JaffaCakes118
Size

195KB
MD5

a95b89596f036f45b727b2f3f5cea158
SHA1

9a2608e30f57f43f9cd2b7d66189f99fa3be627a
SHA256

b3e366cdc65ff12887c790f072dcd1d170ab534ecc53932034c4a9e8a38b3af8
SHA512

e7ef9ee76f85172dc42b5e59a25f005a84cdd0616b0a0dce47ad772de80048488f044b8dd7331b45b8da3090053163f88290eda754fa88753f60cc46abcd0b2f
SSDEEP

3072:OGftb6u20/1VVULo0V1BBSAL4CLV4p30CBaZqv5GE5IhELdiHJZQgs8tJ:Rlb6LGjh0bBJ4I4BeqvkEeQMJSgs8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a95b89596f036f45b727b2f3f5cea158_JaffaCakes118

Files

a95b89596f036f45b727b2f3f5cea158_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2f9cfc4ed06d71998178c5511b839181

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

wsock32

recv

netapi32

Netbios

rpcrt4

UuidCreate

user32

SetTimer

advapi32

RegOpenKeyA

Sections

.MPRESS1
Size: 192KB - Virtual size: 484KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE