Static task
static1
Behavioral task
behavioral1
Sample
6846c4c21be1ff76a489866ab07e7280_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
6846c4c21be1ff76a489866ab07e7280_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
6846c4c21be1ff76a489866ab07e7280_JaffaCakes118
Size
428KB
MD5
6846c4c21be1ff76a489866ab07e7280
SHA1
9c4ec8c04dff71a375b5d6fee768621530ed7d81
SHA256
39e184df62121083110fbfaf668b3447b85a2b03b55998801f570d2f4398efd1
SHA512
b39644fa45be5532541b29f1562520e2ee1a4bedbbe74fa772da0f602a449355fc755bcb4003d282a53e1310cc16be31ff25da51d2ab0659dd80f57e3baa544d
SSDEEP
3072:lCECCirFnj0j3DTNgaRYR+gLtah2ROc7ItZwOdggb6MA5j+E4iaKF7BPZhqhq9eb:lCPCcYj9fRYykOcqZ5gW/14HR9eUPpu
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 6846c4c21be1ff76a489866ab07e7280_JaffaCakes118
Files
6846c4c21be1ff76a489866ab07e7280_JaffaCakes118.exe windows:4 windows x86 arch:x86
135f81d00b4cd80ed7880f9b48ac10f1
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
CreateFileA
GetCurrentProcess
LCMapStringA
CloseHandle
LoadLibraryA
ExitProcess
user32
CharLowerBuffA
SetWindowLongA
CloseWindow
CreateWindowExA
wsprintfA
advapi32
RegDeleteKeyA
RegCloseKey
RegEnumValueA
RegQueryValueA
RegDeleteValueA
RegEnumKeyA
RegSetValueA
RegOpenKeyA
RegCreateKeyA
Sections
.text Size: 409KB - Virtual size: 412KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 4KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ