d9bbb1de16c63661ebc41f06a9296125_JaffaCakes118 | Triage

Sharing

General

Target

d9bbb1de16c63661ebc41f06a9296125_JaffaCakes118
Size

1016KB
MD5

d9bbb1de16c63661ebc41f06a9296125
SHA1

7ee94efe6e8eb1cfb7ded7960d77e70f00e877e3
SHA256

d07ba4973aaa5f51726f4c64ef1fd565a8ca528f6ec061fefb621294e2c209d2
SHA512

82c70a26a97c072dfefea8d89f5493768c5b40f1a5819a7f59eaa82ad68456992a798a93af8efa7f602f36d4b37223eed98fe8b8d29f7491366c98a694f9abe6
SSDEEP

24576:6pOZoNh9fAWEQWxa3STf+Oej6Osb50a75ygXE+xnvsl5FSahZ8lTxljWAae:6qQRpOpua7B/6vZ8lSBe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d9bbb1de16c63661ebc41f06a9296125_JaffaCakes118

Files

d9bbb1de16c63661ebc41f06a9296125_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4378b61c8c9e44d5fc80e25c21dbfb99

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

malloc

kernel32

LCMapStringA

advapi32

RegCreateKeyExA

user32

GetWindowThreadProcessId

shlwapi

PathFileExistsA

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

.text
Size: 32KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.52pj
Size: 956KB - Virtual size: 956KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.52pj
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ