Static task
static1
Behavioral task
behavioral1
Sample
5bf2de09aca24d169832753d9f1c0ea7_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
5bf2de09aca24d169832753d9f1c0ea7_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
5bf2de09aca24d169832753d9f1c0ea7_JaffaCakes118
Size
536KB
MD5
5bf2de09aca24d169832753d9f1c0ea7
SHA1
5c2e78e8ae518ef97d5f58f93fb38adea5606d16
SHA256
abad4dcd85aed11c190015c38f49cb085c038a9671897d90abaa19f2fda5f7b8
SHA512
dc42bf0668151e30bca31c110d92dd327ba0871d216aa21178a1ab33c04391dc7d306f45fbb445eaca9b731b09b070f6dd7b11f56f705b637f6ceb90d3468404
SSDEEP
6144:JajAz18+GY2EsDQOMTSGFrzTqGscdU7+EAOXaiRCpJuwKZ+:0my+1sDsScpXU7+ePRT+
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5bf2de09aca24d169832753d9f1c0ea7_JaffaCakes118
Files
5bf2de09aca24d169832753d9f1c0ea7_JaffaCakes118.exe windows:4 windows x86 arch:x86
f29dc7ef324972d4cc62be3c3fbb7e97
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
CreateFileA
CloseHandle
LCMapStringA
GetCurrentProcess
LoadLibraryA
ExitProcess
user32
wsprintfA
CharLowerBuffA
SetWindowLongA
CreateWindowExA
CloseWindow
advapi32
RegSetValueA
RegEnumKeyA
RegCreateKeyA
RegCloseKey
RegDeleteValueA
RegEnumValueA
RegDeleteKeyA
RegQueryValueA
RegOpenKeyA
Sections
.text Size: 500KB - Virtual size: 500KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 28KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 24KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ