0742a343eb2ac1931561cf5dbeb23c9d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0742a343eb2ac1931561cf5dbeb23c9d_JaffaCakes118
Size

1.2MB
MD5

0742a343eb2ac1931561cf5dbeb23c9d
SHA1

e6e6dc721633e01b7eb6d1fb66465a7699dba06d
SHA256

cce97a70a099c85ced19588ab1b59c26ad197af9007feac2439a5e1b1f2ffd9e
SHA512

344c0ee06598fdfc6dc3d8ae3e69b72facb3c0317898a32d0c651b1de9184e3bb15460dc9d91a980d5e639ebc7bd685284bdb3e3b7c829d9ec3597327f909310
SSDEEP

24576:yoXHfLIeMUax4AbXXKM+CWRJzpagaPRGlgBV67UWIf6uc:lvcfUaCAWfryRrLS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0742a343eb2ac1931561cf5dbeb23c9d_JaffaCakes118

Files

0742a343eb2ac1931561cf5dbeb23c9d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c8b6338165bb26bdb6bb77896ff03fbd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
CreateFileA
CloseHandle
GetCurrentProcess
LCMapStringA
LoadLibraryA
ExitProcess

user32

CharLowerBuffA
CreateWindowExA
SetWindowLongA
CloseWindow
wsprintfA

advapi32

RegEnumKeyA
RegDeleteKeyA
RegOpenKeyA
RegCloseKey
RegEnumValueA
RegSetValueA
RegDeleteValueA
RegQueryValueA
RegCreateKeyA

Sections

.text
Size: 124KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ