Static task
static1
Behavioral task
behavioral1
Sample
0ceb09e41c2b329cf665dbbbaf820f91_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
0ceb09e41c2b329cf665dbbbaf820f91_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
Target
0ceb09e41c2b329cf665dbbbaf820f91_JaffaCakes118
Size
404KB
MD5
0ceb09e41c2b329cf665dbbbaf820f91
SHA1
b2a794d37bba4bee8649254a687daaeddf5a03c7
SHA256
3a685f2a60459bd502c4c9400a824a54f52b3bca0dae65f34192cd79156340a2
SHA512
f6fe4dad6cba599f896bb476cf959da031b1adea8c0caabe0a89d5e5297e37c2a6fb475cd246c95f21eafd4436ab8017a9d21e226367b63b0f523687d6829d21
SSDEEP
12288:QBSJt0ZAUdly3X5U5adaLXjqnYuRNaRwd5Fa4fiNQnYRFiv:QB2Wu3X5U2nYuGid5LiGnrv
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0ceb09e41c2b329cf665dbbbaf820f91_JaffaCakes118
Files
0ceb09e41c2b329cf665dbbbaf820f91_JaffaCakes118.exe windows:4 windows x86 arch:x86
f9a493229664dd16d824dda28724a9e1
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
LoadLibraryA
CreateFileA
ExitProcess
LCMapStringA
GetCurrentProcess
CloseHandle
user32
CreateWindowExA
CharLowerBuffA
wsprintfA
SetWindowLongA
CloseWindow
advapi32
RegSetValueA
RegCreateKeyA
RegEnumKeyA
RegDeleteKeyA
RegCloseKey
RegOpenKeyA
RegDeleteValueA
RegEnumValueA
RegQueryValueA
Sections
.text Size: 381KB - Virtual size: 384KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 4KB - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ