dd56a6716c310211f42d8e16bc79edf6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dd56a6716c310211f42d8e16bc79edf6_JaffaCakes118
Size

13KB
MD5

dd56a6716c310211f42d8e16bc79edf6
SHA1

ae9e3f3b03d06d6e5261e4917663ecb9c0141ca0
SHA256

3e7c68742faf87313ba79416e2f15707c8e56086cea277b4eaf48bf46fb66969
SHA512

88b0cb82a9d72220a825fafe1a9e45dd64b5c8ecb31a6476cc7b227782a81188984a98b0a5780579d3a535757b2cd7d5eeba44899f1c307378a78ad9f0fd5138
SSDEEP

192:DTSB9ieU4FDGjV2+2DUtTcwaVcIbFh6LSD3uCOJFyoTMYpg+gDeBvWI5:DTSBroY+2DaIc4h66OMYp8De9WI5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd56a6716c310211f42d8e16bc79edf6_JaffaCakes118

Files

dd56a6716c310211f42d8e16bc79edf6_JaffaCakes118
.exe windows:5 windows x86 arch:x86

af943c28ac77ba2da2df3cd28b7f90be

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvcrt

exit

advapi32

RegCloseKey

user32

LoadStringA

shell32

SHGetMalloc

ole32

CoInitialize

Sections

.MPRESS1
Size: 9KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE