4b82669f38ee19e54bd7770a47c3cd5b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4b82669f38ee19e54bd7770a47c3cd5b_JaffaCakes118
Size

476KB
MD5

4b82669f38ee19e54bd7770a47c3cd5b
SHA1

7207d3009771aa2fd9cf419c21b0f835e25e240c
SHA256

7f3e225a51c75c68fd77e42580cad4bcd72a90b6d52030f87b60a8c1ddcede11
SHA512

68cc3a56e9a7ffb0015fd97582136c2a8fbb9883bdc4d91c001de28d7ee9493a6b867b4429d8fe6be3f18e7deabaf701fcebc034efd30f857d02ca5d6ed3e380
SSDEEP

6144:OVYheTWT7odzJmTlcSG9jnemd00B1dVJbsI8RXbU4JJF1bb6KHWO1J86zp8AfSWY:iYsY7FTCB0sbVJb98ZqOSD5x7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b82669f38ee19e54bd7770a47c3cd5b_JaffaCakes118

Files

4b82669f38ee19e54bd7770a47c3cd5b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3090fbb34fa5cbcd23c34ff5081f5da0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
GetCurrentProcess
LCMapStringA
LoadLibraryA
CreateFileA
CloseHandle
ExitProcess

user32

CharLowerBuffA
SetWindowLongA
CloseWindow
CreateWindowExA
wsprintfA

advapi32

RegEnumValueA
RegCloseKey
RegDeleteValueA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyA
RegSetValueA
RegCreateKeyA

Sections

.text
Size: 420KB - Virtual size: 424KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 268KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

cmwxaqp
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE