aa1f9a00ef02fc756e4356f22900724d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aa1f9a00ef02fc756e4356f22900724d_JaffaCakes118
Size

80KB
MD5

aa1f9a00ef02fc756e4356f22900724d
SHA1

4f5312e8234b2c8f1dae609df5c19bff422a9e08
SHA256

b03e0f5f7138982e76cbd3a9f6a8788b69e7860f88f01ce99c700aab4b50a73e
SHA512

42799e3bb517d1409dd94bc89ce57965c357e61ff1bcf26e736d6ea1f5e65e92fbb2c49c21cfee94f8685bc274c9907817ee7a7e0295f0deb8f328b965459eba
SSDEEP

1536:iZDWBgTl3vASOvu8Wa7LJfkUow5Pj+o8GcGFQ:i0B21ObnJf1PjIGc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa1f9a00ef02fc756e4356f22900724d_JaffaCakes118

Files

aa1f9a00ef02fc756e4356f22900724d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f07235387c2d514f73b5a132ae5067c9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
CloseHandle
GetLastError
GetThreadLocale
VirtualProtect
VirtualAlloc
GetCurrentThread
LoadLibraryA
GetProcAddress
GetSystemInfo

user32

EndPaint
CharNextA
DispatchMessageA
GetMessageA
TranslateMessage

advapi32

RegOpenKeyA

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 532B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ