3a27a9e21ffad0c81b9423908abfee7d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3a27a9e21ffad0c81b9423908abfee7d_JaffaCakes118
Size

172KB
MD5

3a27a9e21ffad0c81b9423908abfee7d
SHA1

bb27389f2b16188f78d8ea0626000ca4b0b9edca
SHA256

09e74f5599f70935fd4e8b159dc29a4383d789ef866b4c6b0566fb23698d3f13
SHA512

b8b00ac94a83e7cda29cb1fbb1f6d514e1ad472ed0b4e91aad72a8fd1ecbdec50c4b6f3eee4680ddcad0c61cc155615d091acb128bd83a803b28c453c6eed9b9
SSDEEP

3072:Lal7c1kbn/yfuDNTGVP85bNDN0LTzWra6/NaZY/XX8iSat82MG6QyE8+AqmUFIrb:y7CqymD8VPk5OnH6UZKXKjpPK2J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a27a9e21ffad0c81b9423908abfee7d_JaffaCakes118

Files

3a27a9e21ffad0c81b9423908abfee7d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bafd380e9ce02197d15aa07ecda951ad

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
CloseHandle
ExitProcess
LoadLibraryA
GetCurrentProcess
CreateFileA
LCMapStringA

user32

CreateWindowExA
wsprintfA
SetWindowLongA
CharLowerBuffA
CloseWindow

advapi32

RegOpenKeyA
RegSetValueA
RegCreateKeyA
RegEnumKeyA
RegCloseKey
RegDeleteKeyA
RegDeleteValueA
RegEnumValueA
RegQueryValueA

Sections

.text
Size: 147KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ