62f50b15e0eaf040931ee33474a24edf_JaffaCakes118 | Triage

Sharing

General

Target

62f50b15e0eaf040931ee33474a24edf_JaffaCakes118
Size

189KB
MD5

62f50b15e0eaf040931ee33474a24edf
SHA1

9488af6543b5ea1f2f44854470b0e9cc05374352
SHA256

0786308625299e50659764867872baf059d9eec50a0b341b0a14ee4655af31eb
SHA512

228584c5d8e0d4ddcbc3356d6b254386873315bceb60ebca8ca31ea853757745a1f6a5cebe7be54dbc6d346ee302aa77d045c68de779efccf40571fc10f6a9c4
SSDEEP

3072:8FDNm7sukClDvtjeowD7HrTjNP1ZUoWoQpY86/1zQZ9WaU+d:8FDNXuMoGzrNPZco1haV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
62f50b15e0eaf040931ee33474a24edf_JaffaCakes118

Files

62f50b15e0eaf040931ee33474a24edf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b89aae2c0fac8bb72ba5ca8976fb956c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
CreateFileA
ExitProcess
CloseHandle
LCMapStringA
LoadLibraryA
GetCurrentProcess

user32

CreateWindowExA
CloseWindow
wsprintfA
CharLowerBuffA
SetWindowLongA

advapi32

RegEnumValueA
RegQueryValueA
RegCloseKey
RegOpenKeyA
RegCreateKeyA
RegSetValueA
RegDeleteValueA
RegEnumKeyA
RegDeleteKeyA

Sections

.text
Size: 167KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ