7705f77eb069d62260b594c6d3b7224b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7705f77eb069d62260b594c6d3b7224b_JaffaCakes118
Size

1.5MB
MD5

7705f77eb069d62260b594c6d3b7224b
SHA1

49749ddf437df74b28c8334d64d4b32f9e14cffe
SHA256

08edf8db6f5d2371873b6941fe70e2f1f50f10fb07e2389c28500d35e700dc31
SHA512

af971d2dec979369638efde46cc1c99660a33c06d1a939d4ffa0248c9485c30c6651d69488ce43766847a41ade40c93e51fcc8edc0fef1b80f739a50f03646a8
SSDEEP

24576:jrZ8ZQPCmFl9rOZJ9Wa14awhTa+y48ngUic/6kRgO/54CfGaI6XC:aKPCUl9qL13Ay48ngPb9C+abS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7705f77eb069d62260b594c6d3b7224b_JaffaCakes118

Files

7705f77eb069d62260b594c6d3b7224b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a505c8693a66dc854bba1234e25c1d32

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
CreateFileA
ExitProcess
CloseHandle
GetCurrentProcess
LCMapStringA
LoadLibraryA

user32

wsprintfA
CreateWindowExA
CloseWindow
CharLowerBuffA
SetWindowLongA

advapi32

RegDeleteValueA
RegDeleteKeyA
RegEnumValueA
RegCloseKey
RegEnumKeyA
RegSetValueA
RegOpenKeyA
RegQueryValueA
RegCreateKeyA

Sections

.text
Size: 179KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ