134a9855e9f678af807595b2e8213fc3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

134a9855e9f678af807595b2e8213fc3_JaffaCakes118
Size

33KB
MD5

134a9855e9f678af807595b2e8213fc3
SHA1

b78e2b69c93341b59231288a56c770fed847ed83
SHA256

ada60c7a072c8fa6820a05d16c8ef2f71a6b1d24f1e6219d6f9c9c281f58df31
SHA512

c3c72d3ee0ec2547121ff2937722c69fd96ecc6e0734dfa58b5353f7ba7d53d0ced0b73d209f41900e402bc916c45d042e8889e2f7edbb79c8bc718652ebf33e
SSDEEP

768:KuU8QjCiIH3rhOWk+tSJirg5KC8QR+hBTZZM:KudQjlWuN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
134a9855e9f678af807595b2e8213fc3_JaffaCakes118

Files

134a9855e9f678af807595b2e8213fc3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ae0a5112fe1176f4e5f6e1bc95e4c209

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

kernel32

FreeLibrary
lstrcatA
GetModuleFileNameA
ExitProcess
LoadLibraryA
GetProcAddress
lstrlenA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

Sections

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 404B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 1024B - Virtual size: 1023B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE