Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_64f9b94be51e2e97bbdb62d77c27355e.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
JaffaCakes118_64f9b94be51e2e97bbdb62d77c27355e.exe
Resource
win10v2004-20241007-en
General
Target
JaffaCakes118_64f9b94be51e2e97bbdb62d77c27355e
Size
183KB
MD5
64f9b94be51e2e97bbdb62d77c27355e
SHA1
28bf3b4e18bfecf3ca0f128e0237a4b0e2414b02
SHA256
ca5fa8be93f118fdb26fcb970ec6194691a80ed4d51721f8ab5dba32afaf3590
SHA512
686c4823c7263180c4fc698f16f255ee7626cfeb4a8f365b43a6842cccd90203ed75b7884bda42d11f2dc9d7afcce47e94c5c3662c2acaae7286dc525a84c3eb
SSDEEP
3072:nFmbzWn7+CwH2aXwQNFWwqRaTW0MgxntUn3YuBL5xM68:FCmF9aA+qQkggoSLDMj
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_64f9b94be51e2e97bbdb62d77c27355e
Files
JaffaCakes118_64f9b94be51e2e97bbdb62d77c27355e.exe windows:4 windows x86 arch:x86
b3da2a4236ce3c056a3832b63771de77
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegEnumKeyExA
RegOpenKeyA
RegDeleteKeyA
RegOpenKeyExA
RegCloseKey
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
mprapi
MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName
kernel32
VirtualAllocEx
WideCharToMultiByte
LocalAlloc
CreateProcessA
EnumResourceNamesW
RaiseException
MultiByteToWideChar
lstrlenA
OpenWaitableTimerW
GetSystemTimeAsFileTime
InterlockedExchange
rpcrt4
NdrFixedArrayFree
UuidCreate
shlwapi
PathFileExistsW
Sections
.text Size: 107KB - Virtual size: 107KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.tls Size: 1024B - Virtual size: 908B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 72KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 260KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ