d10af09dad99948b1dc96bfccd6d259f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d10af09dad99948b1dc96bfccd6d259f_JaffaCakes118
Size

284KB
MD5

d10af09dad99948b1dc96bfccd6d259f
SHA1

5f90a5f3eee5671ba0f75aa4685ff282a0d3c84e
SHA256

35b7a1a0bf2cf62ec4a68635046861b4a30a049942e83f84f613d1d9378e5bc1
SHA512

a7e0040baaccb250ee41bddbe9d7dd5ec03fe42bfe208b3af8b0c68320b2f6c19338795f790b64ea86991edc0d1ccdfa46d16f96d36d3b1b7c2e961fe4048259
SSDEEP

6144:1ZSqSrvAPPzXv7Jz+CBIwguKC7tCZ+8OM:HkrvcEnyKGtBU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d10af09dad99948b1dc96bfccd6d259f_JaffaCakes118

Files

d10af09dad99948b1dc96bfccd6d259f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

de39dc68941cc6307e3b2590c857a907

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA

user32

wsprintfA

advapi32

RegCloseKey

ole32

OleRun

Sections

.text
Size: 204KB - Virtual size: 639KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.adata
Size: 68KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE