d716a5a55c555990fcf591426d004379_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d716a5a55c555990fcf591426d004379_JaffaCakes118
Size

40KB
MD5

d716a5a55c555990fcf591426d004379
SHA1

6fd53d85bb29bdf3545183b22874956a6241b699
SHA256

a22864f4ef1e7b098c50fc12e22a89987d81a6cf00323211cfbbf5f7f081d5f5
SHA512

76b3a2199bab5b7aab4e50649153228ff634b5641463c2b7c66d92a45ebc0c3128c429a75fef5866f2077a3e0e678432c92f148ca6d6f7ddf1abceec7313cf2e
SSDEEP

384:CUKgptThuXkHU7J7Vif+rbvHOsy66/WubTX4GRX96HsrCaspnq:Hn/ahMmrbfOsT6/RbrFoHsrl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d716a5a55c555990fcf591426d004379_JaffaCakes118

Files

d716a5a55c555990fcf591426d004379_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ae0a5112fe1176f4e5f6e1bc95e4c209

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

kernel32

FreeLibrary
lstrcatA
GetModuleFileNameA
ExitProcess
LoadLibraryA
GetProcAddress
lstrlenA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

Sections

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE