Static task
static1
Behavioral task
behavioral1
Sample
07b53c5d6fefa3118ebd36229cdd3a4a_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
07b53c5d6fefa3118ebd36229cdd3a4a_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
Target
07b53c5d6fefa3118ebd36229cdd3a4a_JaffaCakes118
Size
536KB
MD5
07b53c5d6fefa3118ebd36229cdd3a4a
SHA1
31c12265ad1c2b9232f9a72008edcf9654842ed3
SHA256
b1a1165645f3c373538fc470172e3baae30e6e533b56a51453cc9455e63206f4
SHA512
9fb3ffd05f37a6a300ae626f7de89d4e87b3ca78fe13efb45939532e5418e068cf05d1c1f1178fdd14615c6f1390e03ed462e272105251ae12fc2d92a7a705d6
SSDEEP
6144:Z9dZOoBeukCkXI18MyXJZyINPuICaqQNdL8zm:h8tXaYJZPNPuICBkh6m
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 07b53c5d6fefa3118ebd36229cdd3a4a_JaffaCakes118
Files
07b53c5d6fefa3118ebd36229cdd3a4a_JaffaCakes118.exe windows:4 windows x86 arch:x86
5ef0a52bda2720330af39e2a95260522
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
CloseHandle
GetCurrentProcess
ExitProcess
LCMapStringA
CreateFileA
LoadLibraryA
user32
wsprintfA
CloseWindow
CharLowerBuffA
SetWindowLongA
CreateWindowExA
advapi32
RegSetValueA
RegCreateKeyA
RegQueryValueA
RegDeleteKeyA
RegEnumKeyA
RegEnumValueA
RegOpenKeyA
RegCloseKey
RegDeleteValueA
Sections
.text Size: 499KB - Virtual size: 500KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 24KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 24KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ