afdc33c946d2ccc40751337f57f5883d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

afdc33c946d2ccc40751337f57f5883d_JaffaCakes118
Size

40KB
MD5

afdc33c946d2ccc40751337f57f5883d
SHA1

640bcbe3e43f2cd30a93e864034f69b131c7d3fd
SHA256

8e0efc2acf0209e5c0d44e4e123dfdadf4bea00b1d00114107e7392fd0c89d0a
SHA512

bf9f5e87a198f3854e11e590049bb4ef70a234af34aceea398fe9d9174ef7dd60e7616b707c92dc3a07e1c574545f5ee243914f914247f1fd03b82d6ca991f68
SSDEEP

384:wNKhXEY/aUcma3zrha06H5UIkVd29GcruHl:We0Y/aUcHa06Rk72puF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
afdc33c946d2ccc40751337f57f5883d_JaffaCakes118

Files

afdc33c946d2ccc40751337f57f5883d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ae0a5112fe1176f4e5f6e1bc95e4c209

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

kernel32

FreeLibrary
lstrcatA
GetModuleFileNameA
ExitProcess
LoadLibraryA
GetProcAddress
lstrlenA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

Sections

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE