aba3dfb8455c2478a42fd5950a24378f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aba3dfb8455c2478a42fd5950a24378f_JaffaCakes118
Size

69KB
MD5

aba3dfb8455c2478a42fd5950a24378f
SHA1

bace515a422e46b65d1771532bd4a6ae15ecf28d
SHA256

7da2f1b8116416ced4f5a87ad544367049f04655937053f74087c81c0dfcf7d3
SHA512

8ce1b88a51471aec30eac96be306309de04f9ee488be3ef02d5c6c15081bdfbb73cd0ae4859881e48df6a52018e32a0ab924db84f1cd9e6c66198f4e3fcbd5d3
SSDEEP

768:SQsxvqsPAWzEK8ApcD/Dz/Md5mEu/sTFe2cayTC0Q4e2u7lBbRt4:zsxPPAWz9pcDbzagW2zC0QfBNt4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aba3dfb8455c2478a42fd5950a24378f_JaffaCakes118

Files

aba3dfb8455c2478a42fd5950a24378f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ab3b8533a19e0e29d2d84b87222ffc88

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetModuleHandleA
LoadLibraryA
GetProcAddress

advapi32

RegOpenKeyExW
RegOpenKeyA

Sections

.data2
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 464B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 534B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ