c788b603de2eed5e313c86f8ca37ba05_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c788b603de2eed5e313c86f8ca37ba05_JaffaCakes118
Size

268KB
MD5

c788b603de2eed5e313c86f8ca37ba05
SHA1

4fc5e48f4785370824b0504e383bd88aee4347e8
SHA256

24b3151a0dd9b483124b2ee3b17d77f7c2cc0c7a9e3859aeb408b9d6307ce307
SHA512

df30f755d2c81fde2348c27001de74a441d563b4d370ec74ebf8debd8a91e956bf5374a70ca49bee315100cfef1bc7fe365d23e52e247fefe254fc5f99bef994
SSDEEP

6144:SZv3u4t8YdRDe5SVeKrwYhfqBbvoiFad/qcLgMFpz+ok:iv3mC5ecVbr/EbgiFad/qogMFtk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c788b603de2eed5e313c86f8ca37ba05_JaffaCakes118

Files

c788b603de2eed5e313c86f8ca37ba05_JaffaCakes118
.exe windows:4 windows x86 arch:x86

abff23744dd75795e1f9179f2a987e95

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

wsprintfA

advapi32

RegCloseKey

ole32

OleRun

Sections

.MPRESS1
Size: 214KB - Virtual size: 816KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1024B - Virtual size: 952B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE