5da2bf0f3697167c4bb5b6a289aa42eb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5da2bf0f3697167c4bb5b6a289aa42eb_JaffaCakes118
Size

160KB
MD5

5da2bf0f3697167c4bb5b6a289aa42eb
SHA1

de354a3a30558606f62627949b8bd752d276ac2a
SHA256

be5574cd2bea31ca2259a0e1dcc9bd3e4783903f809b8e1fb52b25a0e0f8a52e
SHA512

35b163ca0ae074aa0e5f409a3ad0cf4d18b6a16445caf7244ed60f1e6397c9a18b4d19a5c8b7c3afeec618dcbce8b8192157c6c7509c433229afe635761db98b
SSDEEP

3072:D77Tsqq+sLuwaLU3ALPP9GxAlfmfRTt41AIkwLGyPS+8TV52GVrhpmmy:f3sqcPALtwq2A1NkwiyPS+8qGBhly

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5da2bf0f3697167c4bb5b6a289aa42eb_JaffaCakes118

Files

5da2bf0f3697167c4bb5b6a289aa42eb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9b2d8ea879798afe23dd0f16992dd936

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
ExitProcess
LoadLibraryA
GetCurrentProcess
CreateFileA
CloseHandle
LCMapStringA

user32

SetWindowLongA
CloseWindow
CreateWindowExA
wsprintfA
CharLowerBuffA

advapi32

RegDeleteValueA
RegOpenKeyA
RegEnumKeyA
RegCreateKeyA
RegQueryValueA
RegEnumValueA
RegCloseKey
RegDeleteKeyA
RegSetValueA

Sections

.text
Size: 143KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ