73ba351ebe2c3a7990f52d038b55b969_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

73ba351ebe2c3a7990f52d038b55b969_JaffaCakes118
Size

163KB
MD5

73ba351ebe2c3a7990f52d038b55b969
SHA1

62b6a2c5a5a52497943db1418f4ec582717b915c
SHA256

63010ead86c9384884bd08c0f1a3a70243877b4abca49aef497af553b8ef8717
SHA512

9ff9b69656faebbe43aead72c0f09d491230c38472cbe26939c6e0c38850f38a2d157b35cd0994741d788423731ac125eb046762ad32169abf5bbd7ff93fb412
SSDEEP

3072:HvnDM2xbJXIfz1gvPiVf7rBeArwgv/xuC2ZbBQ0L0qFCqaJYcE5TjP4Zqp:PDMibBXiZrjkg/xuC21KU0WcnEkq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73ba351ebe2c3a7990f52d038b55b969_JaffaCakes118

Files

73ba351ebe2c3a7990f52d038b55b969_JaffaCakes118
.exe windows:4 windows x86 arch:x86

efb7859d18ec89340274c12055ff0151

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

AlphaBlend
TransparentBlt

user32

GetKeyState
CharNextA
GetClassLongA
CharLowerA

advapi32

RegCreateKeyExA
RegCloseKey
RegQueryValueExA

kernel32

GetThreadPriority
LoadLibraryW
TransmitCommChar
LoadLibraryA
EnumResourceNamesW
ExitProcess
FreeLibrary
GetProcAddress
InterlockedDecrement
InterlockedIncrement

Sections

.text
Size: 137KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 664B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ