427ab3ecb595e4291c9ede4725661c17_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

427ab3ecb595e4291c9ede4725661c17_JaffaCakes118
Size

196KB
MD5

427ab3ecb595e4291c9ede4725661c17
SHA1

608bbf5fcfe5d5fcf644ce60f1f77348262e1c4b
SHA256

8c46cd3d18c433f6d159e3e34db7389014eae63460fef11d50766d11b1d550e6
SHA512

d939318d62a6878f9353335cd4c417bb2856e9861d1eab8700235638efd52748daf5d2b7146f1347a6187ed5e64f8884b8846610025545666d396ccd48f23ca8
SSDEEP

3072:kcUbIxZfb3dCwL497P8yYEuvvKMSSBDAxlfRrGLY3Fn/9xmMIkg96zEo:jUkbb3dCw09I/MMN859xmSfzX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
427ab3ecb595e4291c9ede4725661c17_JaffaCakes118

Files

427ab3ecb595e4291c9ede4725661c17_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d68ca67164646bcb5d71a91fdb747c2c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
GetCurrentProcess
CreateFileA
LCMapStringA
LoadLibraryA
CloseHandle
ExitProcess

user32

CreateWindowExA
SetWindowLongA
CloseWindow
CharLowerBuffA
wsprintfA

advapi32

RegDeleteKeyA
RegEnumValueA
RegDeleteValueA
RegCloseKey
RegEnumKeyA
RegOpenKeyA
RegSetValueA
RegQueryValueA
RegCreateKeyA

Sections

.text
Size: 164KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ