Static task
static1
Behavioral task
behavioral1
Sample
bf92b8e712f11b4a45268d362c9f5063_JaffaCakes118.exe
Resource
win7-20240704-en
General
Target
bf92b8e712f11b4a45268d362c9f5063_JaffaCakes118
Size
281KB
MD5
bf92b8e712f11b4a45268d362c9f5063
SHA1
c163b2882bfde027d3a05a971b6be69ed0d96d51
SHA256
6074f224c255ecfd0df6d1a4fa90ffe2184b06ab9c08d69d1b4b96384a2e3411
SHA512
662a964483cca13eb852434fa687e3985411767b1806063e87156abbd42edd28cf5f898bd0197ce341927d0a57a5ea707f17e34b729ea851a7b3ca37b216baac
SSDEEP
6144:A7EZS7GkpKZ6gQFlAWYIJ7fZ8TEJzxgYsFymhw5AI5cs9C9y3:A7EZS7VKZjQbj1JrZZxgpFyVAI5cs9u2
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for a missing Authenticode signature: the PE file is not code-signed.
resource bf92b8e712f11b4a45268d362c9f5063_JaffaCakes118
Files
bf92b8e712f11b4a45268d362c9f5063_JaffaCakes118.exe windows:65535 windows x86 arch:x86
1db7e517371006b39ece1fc12bdcc995
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
LoadLibraryA
CreateFileA
VirtualProtect
GlobalAlloc
VirtualAlloc
SetConsoleOutputCP
advapi32
RegQueryValueExA
RegEnumKeyExA
RegCreateKeyExA
RegOpenKeyExA
RegFlushKey
RegQueryInfoKeyA
RegSetValueExA
RegConnectRegistryA
Sections
.text Size: 60KB - Virtual size: 188KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 5KB - Virtual size: 8KB
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE