d592355b96a5cf6ddafca9dcc3d10c59_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d592355b96a5cf6ddafca9dcc3d10c59_JaffaCakes118
Size

105KB
MD5

d592355b96a5cf6ddafca9dcc3d10c59
SHA1

f92041f4ba07d15b70ad270397d2eb77af86ce68
SHA256

27713572721fb8b0121f42c3ed13cecd6e63e66bc69b2cfad0a4aee86a485bd0
SHA512

942510d044904c715ecd479dcb4929a5ba5329b688682331ef54a7ce1d1c4b37937d985c2e310656394292ebbe6e170b6f2c584b30f3fda17b9a33fd11615dc8
SSDEEP

3072:lQ5faGko6CFrbJKARb0WQ9FSE1Fk8jwaaHw7Koj4rgdE:61afCF3IO0WmFRC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d592355b96a5cf6ddafca9dcc3d10c59_JaffaCakes118

Files

d592355b96a5cf6ddafca9dcc3d10c59_JaffaCakes118
.exe windows:65535 windows x86 arch:x86

f2e922ebc2c4511de014eba37fa5399b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
CreateFileA
VirtualProtect
GlobalAlloc
VirtualAlloc
GetGeoInfoA

advapi32

RegCreateKeyExA
RegConnectRegistryA
RegQueryInfoKeyA
RegOpenKeyExA
RegSetValueExA
RegEnumKeyExA
RegQueryValueExA
RegFlushKey

Sections

.text
Size: 60KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE