Static task: static1
Behavioral task: behavioral1
Sample: d6cabd460ab5c1547bcaea518c38bed0_JaffaCakes118.exe
Resource: win7-20240903-en
General
Target: d6cabd460ab5c1547bcaea518c38bed0_JaffaCakes118
Size: 31KB
MD5: d6cabd460ab5c1547bcaea518c38bed0
SHA1: a8d0b6bdd1d8c1ddde64a05274943e4e5ab17b63
SHA256: db03b00a06360745f0d126ccada6e9658ff943bd351262ecba06f32c07aa630f
SHA512: 66aba0de4cda4b5e7b5fd35b42ec22f15ae1bad3432a05ca3a3104287b99cd9347ea932c3175a86ff9bbb24052fa98e5fd2c2a9a26625a9ea074232c306a3d09
SSDEEP: 768:O6aXETFUgD1Ykh19+pzNoF3c0R8fMtowCIAHk36:OhXyWgxYKWzec0RgMqwFAE36
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d6cabd460ab5c1547bcaea518c38bed0_JaffaCakes118
Files
d6cabd460ab5c1547bcaea518c38bed0_JaffaCakes118.exe windows:1 windows x86 arch:x86
581cdbbfcb0f45aaf2e6d261133b0ce6
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ExitProcess
GetCurrentDirectoryW
GetModuleHandleA
GetSystemInfo
GetVersionExA
IsProcessorFeaturePresent
LoadLibraryA
Sleep
VirtualAlloc
VirtualFree
AddVectoredExceptionHandler
GetSystemRegistryQuota
user32
CloseWindow
GetDC
GetDesktopWindow
ReleaseDC
wsprintfA
gdi32
EnumObjects
advapi32
RegEnumKeyExA
RegEnumValueA
RegOpenKeyExA
RegQueryInfoKeyA
RegisterServiceCtrlHandlerA
comctl32
InitCommonControlsEx
Sections
.data Size: 2KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.idata Size: 1024B - Virtual size: 852B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE