84ee9a9d8b5e23d2a965014af49e8761_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

84ee9a9d8b5e23d2a965014af49e8761_JaffaCakes118
Size

197KB
MD5

84ee9a9d8b5e23d2a965014af49e8761
SHA1

d5e18593bd0f93ef2cd7e72b9a92f18f2c62060b
SHA256

16190276ab0b79417acc4437b5a81deb162f45ce5359d1cedbf1ab34ae431f2b
SHA512

dc7209de2bdff84a684a47d7aec790a7884e9c7552f58efe0c51e89c5a9bd1394eaa1c644aeb7e628160f7af6efacf6cb7e943896c537b92ee57514244cb60e0
SSDEEP

3072:d8F8TYX6UdogH9H/TaZlKavdqguCx+kaVUV5Fvs8KSmkNr1zfJciPnJpTy:u8WqgH9ba1qeszU1eSmkBhJciry

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
84ee9a9d8b5e23d2a965014af49e8761_JaffaCakes118

Files

84ee9a9d8b5e23d2a965014af49e8761_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a320c5d31a259de5b28310745ef8e426

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
CloseHandle
GetCurrentProcess
LoadLibraryA
CreateFileA
ExitProcess
LCMapStringA

user32

CharLowerBuffA
wsprintfA
CreateWindowExA
SetWindowLongA
CloseWindow

advapi32

RegCloseKey
RegSetValueA
RegDeleteKeyA
RegQueryValueA
RegCreateKeyA
RegDeleteValueA
RegEnumKeyA
RegEnumValueA
RegOpenKeyA

Sections

.text
Size: 153KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ