d4f884b972a416c1127e656e090f2188_JaffaCakes118 | Triage

Sharing

General

Target

d4f884b972a416c1127e656e090f2188_JaffaCakes118
Size

97KB
MD5

d4f884b972a416c1127e656e090f2188
SHA1

3f1d55c1996049b65269884ee7964e1c212fcf5c
SHA256

e19f755df9ce6e5d2df06ded8f6cc343126a4ce8bd75172d0502e5f636dbd80e
SHA512

823a3c1874a52bae65f2750a673c4ac8ef5a4fee93cb34299ff1b73bf36e360785b5b8c745199dad29a8d5f3852258545cf98b69acb64eaf4347f3dbadb7935b
SSDEEP

1536:0vfUloM6maFsxz6lGkDs/I5xU7mvw1J5sY/YVfWXaBnWq72/qjhprmKKnGTO:Msoxsx6F5xUpStWXaxNtjPqZnGTO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d4f884b972a416c1127e656e090f2188_JaffaCakes118

Files

d4f884b972a416c1127e656e090f2188_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4761c375b42224e34d4ce1307d0c7313

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

advapi32

RegCloseKey

user32

MessageBoxA

comctl32

InitCommonControlsEx

Sections

.MPRESS1
Size: 60KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE