439c1f3a117e3439bbeac1c247f5835b_JaffaCakes118 | Triage

Sharing

General

Target

439c1f3a117e3439bbeac1c247f5835b_JaffaCakes118
Size

176KB
MD5

439c1f3a117e3439bbeac1c247f5835b
SHA1

59a12db6eba0a6d5d32be75032f7a939ac3e751b
SHA256

3808ec5e569bdd7824d1921ff9486f72d681e7b3082162ef3d0189fb602ac1d2
SHA512

7f7bc219e84dd4df38f8db0e56adce21ce683b6fb184adbc2fab8904d4649f129b7eccb4921039c49c32bd24dc440a83fe93cf8c7c85db746a71b34e0bdac1dd
SSDEEP

3072:U7BeZu4hrG0a3U4Bcn6+6NgEcAiPLguF25c0uS22TS24LhKlO5p3MbvpVm:U9d480ak4Bcn76SAmsuF22i22TS24Lhz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
439c1f3a117e3439bbeac1c247f5835b_JaffaCakes118

Files

439c1f3a117e3439bbeac1c247f5835b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

149df74232212ebef6dd638262917595

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
CreateFileA
CloseHandle
GetCurrentProcess
LoadLibraryA
LCMapStringA
ExitProcess

user32

SetWindowLongA
CreateWindowExA
CloseWindow
CharLowerBuffA
wsprintfA

advapi32

RegSetValueA
RegDeleteKeyA
RegEnumKeyA
RegCloseKey
RegEnumValueA
RegQueryValueA
RegOpenKeyA
RegDeleteValueA
RegCreateKeyA

Sections

.text
Size: 154KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ