150d605a7a07b150d58c84214f78fbc3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

150d605a7a07b150d58c84214f78fbc3_JaffaCakes118
Size

140KB
MD5

150d605a7a07b150d58c84214f78fbc3
SHA1

8dfb1b5dc7fae4189b7f23d6119bc427d73ccf83
SHA256

e1f9cc57c7fbb8dee2d4117319bfa981d9fb85d19610f56eec8b9ae60a57c235
SHA512

4593f2536e9c4da9ac89f2e0fbd325e13a9c9ff86728c7068ae2fc229a72dca1621d1c85ca1d8011e6b46fbf63727440aa3e6c38585ce50d03708126e8a6f632
SSDEEP

1536:YLSALDwT0OXqiU16PNOTx2SYHzgzBq0Zuy6IC1OSKywxMpl11y:cSALDwTRa71yY8BHUVPuF1OSvJplH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
150d605a7a07b150d58c84214f78fbc3_JaffaCakes118

Files

150d605a7a07b150d58c84214f78fbc3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1a6ba8092b32dcd0cec622c6dfcc8e87

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTimeFormatA
ReadFile
SetEndOfFile
CloseHandle

user32

OemToCharA
EndPaint
CreateMenu
CharToOemA
LoadAcceleratorsA

advapi32

RegOpenKeyExA
RegLoadKeyA
RegEnumKeyA
RegCloseKey

Exports

Exports

b
iqbainob
nqvdkdvx
ws

Sections

.text
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE