b603e9381a24c18a9e1de1d654fb3a5d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b603e9381a24c18a9e1de1d654fb3a5d_JaffaCakes118
Size

36KB
MD5

b603e9381a24c18a9e1de1d654fb3a5d
SHA1

5ce460d3e1eea5335772a2519f605f3abaf64171
SHA256

59dd118a864f0703b0e96428c130d50ebd27f3ccdc11a01c62dc6726cf92fa2b
SHA512

0cf5c0355e396a8826a84a872782f28dec4950ce5f5c457673d25d6eac6d19baaea5c7f2d91f87a5d3eecf7fd894995f899653df2cef20ee9be57c9eb98edc5d
SSDEEP

768:wICx2OEgSNoc9ZStSN+DilE2HPA496OeDAl7Dpbbi1V5sf:/fOwooZ6SN+f2HAap6P5sf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b603e9381a24c18a9e1de1d654fb3a5d_JaffaCakes118

Files

b603e9381a24c18a9e1de1d654fb3a5d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

87a004d492a3084f22f428f742c302ee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualFree
GetLastError
ExitProcess
VirtualAlloc
GetTickCount
CloseHandle

advapi32

RegCreateKeyExA
RegCloseKey
RegSetValueExA

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 366B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE