4359d6df86304044df971be43ea96cb8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4359d6df86304044df971be43ea96cb8_JaffaCakes118
Size

444KB
MD5

4359d6df86304044df971be43ea96cb8
SHA1

a4d4032601c91cf41b6ff87ae681909abee005d3
SHA256

045c071949646996c478f4cacdf89666efb9fa78c20971dfe732c43b430773aa
SHA512

4a4fb025e28fca15fe842dfc9577ff8d0ae297fb7b2d097912d50586f0904a57828af9e3e179b3e15f92996c3b03ae4b06ff5f7799f7da9b954ab53c9adaef1e
SSDEEP

6144:MEt5rJrpJKQOIykruYCvkJ29ENOdkVievqHxqFu5w8qq0iTHWNW0aB5ah:MELJbrru1vK2GN+muxji8rxCW0aKh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4359d6df86304044df971be43ea96cb8_JaffaCakes118

Files

4359d6df86304044df971be43ea96cb8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e2db3076280fdbba797b6bb43866f678

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
LoadLibraryA
LCMapStringA
ExitProcess
CloseHandle
GetCurrentProcess
CreateFileA

user32

CreateWindowExA
CharLowerBuffA
CloseWindow
wsprintfA
SetWindowLongA

advapi32

RegCreateKeyA
RegDeleteKeyA
RegCloseKey
RegSetValueA
RegDeleteValueA
RegOpenKeyA
RegQueryValueA
RegEnumKeyA
RegEnumValueA

Sections

.text
Size: 424KB - Virtual size: 424KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 13B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ