676c2d5721214cc01d24cef423f91ab0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

676c2d5721214cc01d24cef423f91ab0_JaffaCakes118
Size

113KB
MD5

676c2d5721214cc01d24cef423f91ab0
SHA1

f45eacaf362ffcc17b9214550ef0ad6a964f6806
SHA256

209285a7fc013ba5e8cd85d21796a6f430d3693ea5c44224ce509e1d125ab8ef
SHA512

7ef0d1ee0a38441b60e9bf23b6317a39481d2a5170a99fc6cfab98e1093da668eeb569d5d51a63011bb760fcff8955b1a29c04efc51dde9cf9bb9c46f3d3eebd
SSDEEP

3072:8BHlzvXs3x03deS6g5D7I55SYTcLryzSzv:8cxszM5p22zS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
676c2d5721214cc01d24cef423f91ab0_JaffaCakes118

Files

676c2d5721214cc01d24cef423f91ab0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bee4433a3da98cde31c31a2e9ecdabb7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW

kernel32

GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter

user32

GetActiveWindow
PostQuitMessage
SetWindowLongW
ShowWindow
TranslateMessage

Sections

.text
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 108KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ