Static task: static1
Behavioral task: behavioral1
Sample: 1ae5903a3793a782161abf62040b365a_JaffaCakes118.exe
Resource: win7-20240508-en
General
Target: 1ae5903a3793a782161abf62040b365a_JaffaCakes118
Size: 664KB
MD5: 1ae5903a3793a782161abf62040b365a
SHA1: b63daf8490d3a78a2412457fe6542ae9afbb4c42
SHA256: 95a504ddf8de2fd3275ef5bd8483353eb923332a577678da0079c57133b62449
SHA512: 0a684b06e04ac817f863de9e75035e1f4ccecc5b550e6ddab355bb8bf9bd456df157fc5d2b15a821a67f05843f145ae7bbe9fea519661168c0d2a5507669d52b
SSDEEP: 12288:wHNlojJlsYW5SbKxDHUeFpM6prkQAYvzFH3/KTUNwXIZ3fmb1RZGd:qLeJlsv0KoeFp3phAg9S43fmxGd
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1ae5903a3793a782161abf62040b365a_JaffaCakes118
Files
1ae5903a3793a782161abf62040b365a_JaffaCakes118.exe windows:4 windows x86 arch:x86
fc5bec279cff1f5c5031904ac99783c9
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
ExitProcess
LoadLibraryA
CreateFileA
CloseHandle
GetCurrentProcess
LCMapStringA
user32
wsprintfA
SetWindowLongA
CloseWindow
CharLowerBuffA
CreateWindowExA
advapi32
RegCloseKey
RegSetValueA
RegCreateKeyA
RegDeleteValueA
RegOpenKeyA
RegDeleteKeyA
RegQueryValueA
RegEnumKeyA
RegEnumValueA
Sections
.text Size: 485KB - Virtual size: 488KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 324KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 164KB - Virtual size: 160KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ