2dd52d87b93d70b03cd0563a6c9f4952_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2dd52d87b93d70b03cd0563a6c9f4952_JaffaCakes118
Size

1.6MB
MD5

2dd52d87b93d70b03cd0563a6c9f4952
SHA1

4557fb8cb9e8e2d69e21abe6f31f2856c15d8a4c
SHA256

980da9431af1cb36a9309265077ba3c6b5f4cb953df061c03d82507afe250c49
SHA512

bd7a02af9ae2b3216cf2ed3533501612913845fa400eb1181d8b4f9aad4c805f16613a840fdc57bdc09078c720092d617662beda06821cb867f74e9d5a823f7f
SSDEEP

49152:ar07rozyCIJBMDxR/LOXwgBQc7f1cz6G2mqmQmJZno:arcrMy8xRjOBtI6PmZo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2dd52d87b93d70b03cd0563a6c9f4952_JaffaCakes118

Files

2dd52d87b93d70b03cd0563a6c9f4952_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2ae0e9a414d39c9def53f1295677a964

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
CreateFileA
HeapDestroy
HeapAlloc
HeapFree

user32

SetWindowLongA
CharLowerBuffA
wsprintfA
CreateWindowExA

advapi32

RegEnumValueA
RegDeleteKeyA
RegSetValueA
RegCloseKey

ole32

CoCreateInstanceEx
OleRun
CoGetClassObject
CoUninitialize

Sections

.text
Size: 1.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 68KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 53KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 68KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE