83492d23b852103fb5e5d42549f22862_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

83492d23b852103fb5e5d42549f22862_JaffaCakes118
Size

205KB
MD5

83492d23b852103fb5e5d42549f22862
SHA1

b987afc94efad1991d756ec099918631bf10f3fc
SHA256

5dd7a9d25b0a4d1c88ddc6f3ed5c32393acfeb9fadf6dd8fb2189ad30272bbe8
SHA512

8a42c6a96144538f1ee8349740c0b0e80230fac754315db8e404178fb37b89118c10696479e6a52791b5ea3d0f929b8327c53a91ca7d34609e13e0f84789184b
SSDEEP

3072:Wl5LfpH/52MjhTons4iELhoNcCYNsb4KaMf3zK1SSrLlJtE4gkuVoq1GmO4iL:kJTtkns4ZLMYNKwWzMS8LJnul1GjNL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
83492d23b852103fb5e5d42549f22862_JaffaCakes118

Files

83492d23b852103fb5e5d42549f22862_JaffaCakes118
.exe windows:4 windows x86 arch:x86

214e3af07bb74f54f07f4b5218274bc3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
LoadLibraryA
CreateFileA
ExitProcess
CloseHandle
GetCurrentProcess
LCMapStringA

user32

CharLowerBuffA
CloseWindow
wsprintfA
SetWindowLongA
CreateWindowExA

advapi32

RegCloseKey
RegOpenKeyA
RegDeleteValueA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegSetValueA
RegCreateKeyA
RegDeleteKeyA

Sections

.text
Size: 161KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ