232b8e0efb067883f9ce571793035e24_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

232b8e0efb067883f9ce571793035e24_JaffaCakes118
Size

72KB
MD5

232b8e0efb067883f9ce571793035e24
SHA1

dd0e4fc7f7713094697d2a157887e9fe9efe0271
SHA256

c7dbd6f9015eb1f6d430a2471490949fbdcaa3b5ad818d0f889c2ce38fb2af7f
SHA512

b5033cb03eb6b25b1e1e9426d487472e3212613494c8997f51d4c325d1faf58f720abdb6d857e74827d3e50157f0efbb5b08961832c9e5d57d42540c9c0a547a
SSDEEP

1536:SN8Fbv5UAMBXSAo2nAq+uIZ6hhJUEbooPRrKKRZgLyhYWDO:Siz5UvkAo2Aq+vZ6hhJltZrpRmFWDO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
232b8e0efb067883f9ce571793035e24_JaffaCakes118

Files

232b8e0efb067883f9ce571793035e24_JaffaCakes118
.exe windows:1 windows x86 arch:x86

072dab0e31af5e6fe27339b68f07d9ba

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegEnumKeyW
RegOpenKeyW
RegEnumKeyA
RegSetValueExA
RegQueryValueExW
IsTextUnicode

kernel32

VirtualFree
GetFileSize
VirtualAlloc
GetModuleHandleA
WaitForMultipleObjects
SetLastError
SleepEx
CreateFileW
MoveFileA
WaitForMultipleObjectsEx
CreateMutexA
VirtualProtect
MultiByteToWideChar
LoadLibraryA
LocalAlloc
GetProcAddress
GetTickCount
ExitProcess
VirtualProtect

user32

SetWindowLongW
SetTimer
GetWindowLongW
RegisterClassW
MessageBoxW

Sections

.data0
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ