376075de6d3b2e970e03ca082cb6af81_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

376075de6d3b2e970e03ca082cb6af81_JaffaCakes118
Size

168KB
MD5

376075de6d3b2e970e03ca082cb6af81
SHA1

25534a637f2d0f84abe9a2629e02a7fad74e3eca
SHA256

75bd34fb417c6f158867147d82c9b3246df3a1c8e1c49b6c811516e62f6b0e90
SHA512

4d4320b652d3c003fb43382d2eda9b0f2f3e63d4cad41176b188916c4d56b579f0623a8c8f68231cfcaf8fbc9e4e1c90937696d041fc144c7f3c92588b128af4
SSDEEP

3072:G2ph3fnv3zF5saLPBJsSCGwYxYOl/1uGc3niP3lp+tj2XyvJL6j:nfnv3J5saL2jYl/MJXolp+B2ivJL6j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
376075de6d3b2e970e03ca082cb6af81_JaffaCakes118

Files

376075de6d3b2e970e03ca082cb6af81_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e8550b3fbc20edd30394c0ac70e30ec3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
CreateFileA
LoadLibraryA
LCMapStringA
CloseHandle
GetCurrentProcess
ExitProcess

user32

CharLowerBuffA
SetWindowLongA
CloseWindow
CreateWindowExA
wsprintfA

advapi32

RegDeleteValueA
RegCloseKey
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyA
RegSetValueA
RegCreateKeyA

Sections

.text
Size: 151KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ