e9d77c483ce2448f468d07576da38d7b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e9d77c483ce2448f468d07576da38d7b_JaffaCakes118
Size

34KB
MD5

e9d77c483ce2448f468d07576da38d7b
SHA1

0a809ec789d6c3f8f32afca5957a80adb441ffd2
SHA256

0baf16ca08298b82b59b15d7634c18bfa961fab61d0e3040a45aaf10491fd424
SHA512

9800cf3127c4f69586947a09b90abe903c780b81969a02ec4fd921f6986c40cdebb41ab2486d90844c52dd47585c9f251c4d8459b99e7b6c48491f464da56bb1
SSDEEP

384:epQcj6K9IA+/dJZlJyNKZhM+EqUbPaB8u8j85jIoyu3n8sn8Fn8GIA+S:e6A+LZl0NaUb8jIoBFA+S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e9d77c483ce2448f468d07576da38d7b_JaffaCakes118

Files

e9d77c483ce2448f468d07576da38d7b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1c109ebebb602d2ecadc0d072a2406c4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetUserDefaultLangID

user32

MessageBoxA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

Sections

.text
Size: 4KB - Virtual size: 224B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 294B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 573B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.petprg
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ