8d0ba9da665b014fc05b241c5c6cd5f0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8d0ba9da665b014fc05b241c5c6cd5f0_JaffaCakes118
Size

152KB
MD5

8d0ba9da665b014fc05b241c5c6cd5f0
SHA1

e12c0a5bd4cb01ace091e2765e0a1bf868f1a8bf
SHA256

0151858fd450237870de5b0b6b70b64fb00c65163fdc833f5d5b4fac51a27a67
SHA512

6df3f72d767455903358b00179b4715d65fdfe53d69c2ed5683e88f69ea3bcb137395678f4e00ad4d402a3418d2b8870dcf0984560cb9fa93093da60ceba5be9
SSDEEP

3072:ZYX/pLkegEfCZAsHJufzcatkzH0c63QQVutbEUJNY6Pyo+gIZFawM2N3M+:ZOLkegEfCZAFQaw0csDVutIUNeBRUh27

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8d0ba9da665b014fc05b241c5c6cd5f0_JaffaCakes118

Files

8d0ba9da665b014fc05b241c5c6cd5f0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c2a4b4b1de36ce3a41b6fba2f5eb5b63

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
CreateFileA
CloseHandle
GetCurrentProcess
LoadLibraryA
LCMapStringA
ExitProcess

user32

wsprintfA
CreateWindowExA
CharLowerBuffA
CloseWindow
SetWindowLongA

advapi32

RegDeleteValueA
RegQueryValueA
RegEnumValueA
RegOpenKeyA
RegSetValueA
RegEnumKeyA
RegDeleteKeyA
RegCreateKeyA
RegCloseKey

Sections

.text
Size: 134KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ