Static task
static1
Behavioral task
behavioral1
Sample
34c4c24f4cc1f4b741170d7f0f3ca450_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
34c4c24f4cc1f4b741170d7f0f3ca450_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
34c4c24f4cc1f4b741170d7f0f3ca450_JaffaCakes118
Size
245KB
MD5
34c4c24f4cc1f4b741170d7f0f3ca450
SHA1
f67390a233a9684cef789c0f2b671c0869e21f2e
SHA256
43e669cf4495079fb21ae3ca32b8d3c3d27d272857eaf3a852c62b3e6c7b71d3
SHA512
a4156f1e3e67b7a44a2682fca869c02e7930407323db28ecf1008b2a4098fe59c5cf8e950a7258f684dc24ca0a5551df12b032aa87f11dbb013c60af735df60e
SSDEEP
6144:aX3YaAfXjCGYmahIzTRoB32l6KE+54WnsrPQRUaEE5ts+/Dz:sKXjCGYNm/eB3QqXrPiUaEki2z
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 34c4c24f4cc1f4b741170d7f0f3ca450_JaffaCakes118
Files
34c4c24f4cc1f4b741170d7f0f3ca450_JaffaCakes118.exe windows:4 windows x86 arch:x86
d8cc5183bb98332bc713ea9df2bb28fc
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
CloseHandle
GetCurrentProcess
ExitProcess
CreateFileA
LoadLibraryA
LCMapStringA
user32
wsprintfA
CloseWindow
SetWindowLongA
CharLowerBuffA
CreateWindowExA
advapi32
RegDeleteValueA
RegOpenKeyA
RegCreateKeyA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegEnumValueA
RegCloseKey
RegSetValueA
Sections
.text Size: 203KB - Virtual size: 204KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 12KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ