5c36b4095d44ffc5953fc4de78a9748b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5c36b4095d44ffc5953fc4de78a9748b_JaffaCakes118
Size

152KB
MD5

5c36b4095d44ffc5953fc4de78a9748b
SHA1

eb865836c58698460f43404b743c08978cb2fbf0
SHA256

27b1b1868d5328644a57c244b1d2a4e1e993c262ba88ad714c4ba1b5b6279c98
SHA512

a22b90e52a8729212cd20bdcc8546e303f1d8c55b9475d97921e23ecda9583bd638b94b40436eeab5e44799c98574a84a05091597a7163f8793354788eccbe2c
SSDEEP

3072:4BNTgF6alMIZS9WWH1BOUlQ2koFMv1DXzUGPS:43ba6IZ7WH14OQvL9frS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5c36b4095d44ffc5953fc4de78a9748b_JaffaCakes118

Files

5c36b4095d44ffc5953fc4de78a9748b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

97ce89666d4261a7007e8f6edf6c8178

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
GetCurrentProcess
LCMapStringA
CloseHandle
LoadLibraryA
CreateFileA
ExitProcess

user32

CloseWindow
CreateWindowExA
SetWindowLongA
CharLowerBuffA
wsprintfA

advapi32

RegCloseKey
RegQueryValueA
RegCreateKeyA
RegOpenKeyA
RegSetValueA
RegEnumValueA
RegEnumKeyA
RegDeleteValueA
RegDeleteKeyA

Sections

.text
Size: 120KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ