Static task
static1
Behavioral task
behavioral1
Sample
433bf7c4ada51c18d950e845ebf58e3d_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
433bf7c4ada51c18d950e845ebf58e3d_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
433bf7c4ada51c18d950e845ebf58e3d_JaffaCakes118
Size
196KB
MD5
433bf7c4ada51c18d950e845ebf58e3d
SHA1
ab7c9eb2fda434a5b3580595ccf1369a6cc46895
SHA256
6ae779a9587f4c02fbc4559680effef419902cac40d76aeba0cc0b8d622511ef
SHA512
870bdd31e2807fb82714ea6015d65e884e2d097a3701774642f0505d98805f024ebe8945905fb33134fb34f94f4d87fa23a37a95751ad18e33779690c31ed1ea
SSDEEP
3072:XMmA4WBrmoqhyKtQo1KQunLsKcQEi/WNTQTEfbDU8fJVr1uNuMV0jTMAr7CtHUx6:bA1lpoPuLjcjNTQ2bDvJSNVITt7I0C1B
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 433bf7c4ada51c18d950e845ebf58e3d_JaffaCakes118
Files
433bf7c4ada51c18d950e845ebf58e3d_JaffaCakes118.exe windows:5 windows x86 arch:x86
4a42db000dd86a7fc6d216a48fce0db9
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
LoadLibraryA
GetCurrentProcess
ExitProcess
LCMapStringA
CloseHandle
CreateFileA
user32
SetWindowLongA
CloseWindow
CreateWindowExA
wsprintfA
CharLowerBuffA
advapi32
RegSetValueA
RegCreateKeyA
RegEnumValueA
RegQueryValueA
RegCloseKey
RegEnumKeyA
RegDeleteKeyA
RegDeleteValueA
RegOpenKeyA
Sections
.text Size: 179KB - Virtual size: 180KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ