dfb92a76d15ca4e275295b0ba3a989bf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dfb92a76d15ca4e275295b0ba3a989bf_JaffaCakes118
Size

34KB
MD5

dfb92a76d15ca4e275295b0ba3a989bf
SHA1

2a8ca5aaee4b2b09931488b2f570414f673d6155
SHA256

f7622c983c18d288e04c390e98213e62d25e01bfbbc0a7bf661ed9c5ed225fc6
SHA512

b5653928b7eb3ad064df81611caa0390ea24f2462b6e7534db8b0a08742c28d02afc0b17ab5fe9a166349eb3d9989ba2ef73a5636cbc533b21e30ac60af9be97
SSDEEP

768:36t2EKdne2Dez4igdcBSr8mW/x7TJMP587C7DEJ:3RdntoHgOBdmo/JMP5iJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dfb92a76d15ca4e275295b0ba3a989bf_JaffaCakes118

Files

dfb92a76d15ca4e275295b0ba3a989bf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

879a16614ae39124235855573eb4acf3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

version

VerQueryValueW

user32

CharNextW

advapi32

RegCloseKey

shell32

ShellExecuteW

ole32

CoInitialize

oleaut32

VarUI4FromStr

shlwapi

SHGetValueW

msvcp80

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

msvcr80

free

Sections

.MPRESS1
Size: 28KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE