Static task: static1
Behavioral task: behavioral1
Sample: 238a9f3f9d3f07f2e6394292b741b806_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 238a9f3f9d3f07f2e6394292b741b806_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
Target: 238a9f3f9d3f07f2e6394292b741b806_JaffaCakes118
Size: 260KB
MD5: 238a9f3f9d3f07f2e6394292b741b806
SHA1: e0d66c3955d46374dab1281a31b07477c5cb698b
SHA256: f52ff81e7161804b0aae3dcc3a8cd1e2f234198ae8189a20b3a414c2713cd361
SHA512: 62c3603c56794e30db888034ce96be89103956e886a5d8ab5007698f6d53d5457fdc7e73c1dd74825b21539939f992ea83b6c180c7206ee0b90c2bbd136e41b0
SSDEEP: 6144:fzwbbUI/nEgNBoQw/SZY1mUhnExnuclPhpPTZwx:bq/n10KaZIuAPh5Te
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 238a9f3f9d3f07f2e6394292b741b806_JaffaCakes118
Files
238a9f3f9d3f07f2e6394292b741b806_JaffaCakes118.exe windows:4 windows x86 arch:x86
60e66e31722f6163ff4c3de41c954f63
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
CloseHandle
CreateFileA
ExitProcess
LCMapStringA
GetCurrentProcess
LoadLibraryA
user32
CloseWindow
CharLowerBuffA
wsprintfA
SetWindowLongA
CreateWindowExA
advapi32
RegDeleteValueA
RegCreateKeyA
RegDeleteKeyA
RegOpenKeyA
RegEnumValueA
RegQueryValueA
RegSetValueA
RegCloseKey
RegEnumKeyA
Sections
.text Size: 220KB - Virtual size: 220KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 20KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ