Static task
static1
Behavioral task
behavioral1
Sample
3e7ab3b00f30c17f99a69947a35d2456_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
3e7ab3b00f30c17f99a69947a35d2456_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
3e7ab3b00f30c17f99a69947a35d2456_JaffaCakes118
Size
161KB
MD5
3e7ab3b00f30c17f99a69947a35d2456
SHA1
f8b9ed2d9842d26131ec7ced392b149478475a56
SHA256
a886d485bc7c508f70c3dce562759e1da7e75103e3cfef9ef9e1438ee6c8066a
SHA512
9c35d887dd667b03eba3ebf0610621af826318134b0bf618ee08578e69fa1d3dcefd7762cfb63a395d4f2fe774ecd1fc31d7a79cd0e2d232161a6f84b7006aad
SSDEEP
3072:Xogqn+GwRYeJOj1qyPUulJ0tTm5kyFrb+V0gbM6coOv35CTN4iNbY6kFAT:4gAcWfUul6w5koCVXVcoAcTN4iS6xT
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3e7ab3b00f30c17f99a69947a35d2456_JaffaCakes118
Files
3e7ab3b00f30c17f99a69947a35d2456_JaffaCakes118.exe windows:4 windows x86 arch:x86
9f4b508b4bdb9aa3f9d4b1307b5d60c1
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
CloseHandle
LoadLibraryA
ExitProcess
LCMapStringA
GetCurrentProcess
CreateFileA
user32
SetWindowLongA
CloseWindow
CharLowerBuffA
wsprintfA
CreateWindowExA
advapi32
RegDeleteValueA
RegCreateKeyA
RegDeleteKeyA
RegSetValueA
RegCloseKey
RegOpenKeyA
RegEnumKeyA
RegEnumValueA
RegQueryValueA
Sections
.text Size: 142KB - Virtual size: 144KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ