138184ce22be8a09ee28d8e3e150a49a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

138184ce22be8a09ee28d8e3e150a49a_JaffaCakes118
Size

226KB
MD5

138184ce22be8a09ee28d8e3e150a49a
SHA1

af5d2edc496b98f31d627d4f8f063fe492b76b08
SHA256

9ea7ba937f123db4f25d5406fba83691f98e1fbe29bbf3c9f0ba78f4715ddd52
SHA512

769e32b565e4011b74db2cd119acbc85767dabe989629f253988996198ee2a4f8a8445d04ae066c6cd4743d95fb18f32ccea8b1973e3ad830200a0d8f5d9ae68
SSDEEP

6144:LLlBhPLEo8Rs/2jtMFP2QObvkFjwCZ9bqJXHZmuO0B3e:LLzhPLEor/2j2FjjbSXxB3e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
138184ce22be8a09ee28d8e3e150a49a_JaffaCakes118

Files

138184ce22be8a09ee28d8e3e150a49a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ae0a5112fe1176f4e5f6e1bc95e4c209

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

kernel32

FreeLibrary
lstrcatA
GetModuleFileNameA
ExitProcess
LoadLibraryA
GetProcAddress
lstrlenA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 404B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 218KB - Virtual size: 218KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ