11c95749e3a3c4aa4cd7da697da9d4c0_JaffaCakes118 | Triage

Sharing

General

Target

11c95749e3a3c4aa4cd7da697da9d4c0_JaffaCakes118
Size

424KB
MD5

11c95749e3a3c4aa4cd7da697da9d4c0
SHA1

8d05f53956d4a5b1fb781ffe7ba58ff1c53d00a1
SHA256

e9258f77854e2df9ec94988d47c82f95290b23f5a89641105a04e46c6fd52377
SHA512

c9174e51637493ff8cc39201a4212718dcffd8be90e044d9cce7bf453bc248dbb11380ec08be08110968c64ab43d70012ec9418c8c39383046cd92a4dca9291e
SSDEEP

6144:95FesBZA0ST1aZpplOq8VmMcY0/03pkwT/6OfT76KEIlCV/jmp:95FrZPA1aZppjalHWwT/6On6KE62K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11c95749e3a3c4aa4cd7da697da9d4c0_JaffaCakes118

Files

11c95749e3a3c4aa4cd7da697da9d4c0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

701b14038d06aef7ddc32a7da638c303

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess

advapi32

RegDeleteValueW
RegQueryValueW
RegCreateKeyExA
RegEnumKeyA
RegQueryValueExW

user32

DrawIconEx
CopyRect
GetWindowTextLengthA
GetCursor
GetScrollPos

Sections

.mnkp
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.mjao
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.kaga
Size: 356KB - Virtual size: 615KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pbfon
Size: 1024B - Virtual size: 921B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.emojh
Size: 1024B - Virtual size: 573B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ