Static task
static1
Behavioral task
behavioral1
Sample
2731078d7573b7fac4616982f82354ca_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
2731078d7573b7fac4616982f82354ca_JaffaCakes118.exe
Resource
win10v2004-20240704-en
General
Target: 2731078d7573b7fac4616982f82354ca_JaffaCakes118
Size: 208KB
MD5: 2731078d7573b7fac4616982f82354ca
SHA1: 0764ebb0c7a1e7aa14aed796eeb08ffb1d13e00c
SHA256: ab045a57487520b8b39e1139c62fdb2a9f14edb00109ef7136ad5659d2d3b0db
SHA512: 2d67fb3054d7caa071e84ef37fc5052d83c2f09c62ea03fbf36e0dac7c264dcdba6b58c2bc672ba5bb74ff96ad38166b3c0dcbf24363f9e179930210e43f36ff
SSDEEP: 6144:B8ldq8Jc6oYVwclHAh/Mn8LGwyPu550cx4s/:BHTaNlghvGwh55xx4K
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2731078d7573b7fac4616982f82354ca_JaffaCakes118
Files
2731078d7573b7fac4616982f82354ca_JaffaCakes118.exe windows:4 windows x86 arch:x86
c18f67a1fc0748584a371ee040f1c088
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
ExitProcess
CloseHandle
GetCurrentProcess
LoadLibraryA
CreateFileA
LCMapStringA
user32
wsprintfA
CloseWindow
CharLowerBuffA
SetWindowLongA
CreateWindowExA
advapi32
RegSetValueA
RegEnumValueA
RegCreateKeyA
RegDeleteKeyA
RegOpenKeyA
RegEnumKeyA
RegDeleteValueA
RegCloseKey
RegQueryValueA
Sections
.text Size: 191KB - Virtual size: 192KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ