d54092463c8e2d8de0f2fc0210656421_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d54092463c8e2d8de0f2fc0210656421_JaffaCakes118
Size

57KB
MD5

d54092463c8e2d8de0f2fc0210656421
SHA1

13f18723097a7e912eb6c0134173848e63818389
SHA256

e761acb4c19966ee9a5366057544c306c68b4adf603d0f33da3b2734ee21b5b4
SHA512

6ff3b8d5161135ac4ecad13dd09aea2e01e2485774a66b7ace6e860488440c5fd6120c8157b4e58a708b0714f8a5b1d84f359baae15c04001d6e4a71faf485e5
SSDEEP

1536:vWdFNSuradACFHb/Z1qhCuVdbWwI+RCcmJGi:udiiafhm7Vdbs5Gi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d54092463c8e2d8de0f2fc0210656421_JaffaCakes118

Files

d54092463c8e2d8de0f2fc0210656421_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c82c6e79d13705024bd53a61af2e1221

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvcrt

exit

comctl32

ord17

version

VerQueryValueW

user32

GetDC

gdi32

DeleteDC

comdlg32

FindTextW

advapi32

RegCloseKey

shell32

ShellExecuteW

oleaut32

VariantTimeToSystemTime

Sections

.MPRESS1
Size: 44KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE