5ce1a3943020b9f805bde00332cb616c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5ce1a3943020b9f805bde00332cb616c_JaffaCakes118
Size

213KB
MD5

5ce1a3943020b9f805bde00332cb616c
SHA1

248a98f8bda507aac8785feb0e9ca468674e7c66
SHA256

69e4d58284075da37a8eac9832692ae112bcf612a77809b23ca57bdbb3ee300f
SHA512

4f7ba2ee2e039c8003f17aa4211aa6e38c5787e66b3020e58fb5342ed79c1b837a2a1ccb92ba98e4a136fb23e957f13845651373dc2d91d4735e79e7b06f1faf
SSDEEP

6144:SKx6dHWqqMqszfWOjzSM1oQDt6g/+mcraCXhALkd:SKYd11OWSgOUTCxAc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ce1a3943020b9f805bde00332cb616c_JaffaCakes118

Files

5ce1a3943020b9f805bde00332cb616c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7a721c3a2e628cbdc9c887b56adc0668

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
LCMapStringA
CreateFileA
GetCurrentProcess
CloseHandle
LoadLibraryA
ExitProcess

user32

CharLowerBuffA
CreateWindowExA
wsprintfA
CloseWindow
SetWindowLongA

advapi32

RegQueryValueA
RegDeleteKeyA
RegCloseKey
RegEnumKeyA
RegCreateKeyA
RegSetValueA
RegDeleteValueA
RegOpenKeyA
RegEnumValueA

Sections

.text
Size: 168KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ