42f2d27265e1b04e2b3aac3f3c7c665a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

42f2d27265e1b04e2b3aac3f3c7c665a_JaffaCakes118
Size

1.4MB
MD5

42f2d27265e1b04e2b3aac3f3c7c665a
SHA1

277ae52d7c9b2c5c8bd50175ce5e7f9bca02ffef
SHA256

9e14770787d7a4de27d5eae6180badc6fbebf6535b61213ec827f55a676071a8
SHA512

85ca1b2186cd4b5e64e0861e1d87f57251e5c23fb57f422c43bffb8dd6d645b4585a6ad0f8164289e4760fb36c8d877e11651bfb9977b4a29460b457d7c75edb
SSDEEP

24576:J+lqUSxs1C5KmbLlbMuSeqNC1/vLfueWT344glVyC6d2tOoo+LDx:QqZxr8yFMuCw1/q44iyVdzoomDx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42f2d27265e1b04e2b3aac3f3c7c665a_JaffaCakes118

Files

42f2d27265e1b04e2b3aac3f3c7c665a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ae0a5112fe1176f4e5f6e1bc95e4c209

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

kernel32

FreeLibrary
lstrcatA
GetModuleFileNameA
ExitProcess
LoadLibraryA
GetProcAddress
lstrlenA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

Sections

.text
Size: 1024B - Virtual size: 556B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 404B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ