Static task
static1
Behavioral task
behavioral1
Sample
8daf9a902ca3b8a5d026219708eba670_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
8daf9a902ca3b8a5d026219708eba670_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target: 8daf9a902ca3b8a5d026219708eba670_JaffaCakes118
Size: 184KB
MD5: 8daf9a902ca3b8a5d026219708eba670
SHA1: 404143e0ba9a161ff23740f537b8eb4a73686b23
SHA256: bcc0a5e30ba0fe45a74c13ee22fa3b61b66e08546aaf12f4ab3edec76197bcc3
SHA512: a58bdce7dc3b3d9c763e505da7e89cb48f6a82a7fa02dd8c8976db2fa2a5fb79dbbf0dfa0287f7a751f077da3907c5bcd18e0de9dcadfa8cbae29e81a432af00
SSDEEP: 3072:gNeNKvqNsPN3+jViCibcn195X7yjHtiwsIrWzILqt0b1anQOg6:7NKy43CiCecnZryQwscWxqb1aO6
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 8daf9a902ca3b8a5d026219708eba670_JaffaCakes118
Files
8daf9a902ca3b8a5d026219708eba670_JaffaCakes118.exe windows:4 windows x86 arch:x86
6da09597f0f68b1d08cf57b35f7a74ae
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
CloseHandle
LoadLibraryA
ExitProcess
LCMapStringA
GetCurrentProcess
CreateFileA
user32
SetWindowLongA
CloseWindow
CharLowerBuffA
wsprintfA
CreateWindowExA
advapi32
RegDeleteKeyA
RegOpenKeyA
RegEnumKeyA
RegEnumValueA
RegSetValueA
RegDeleteValueA
RegCloseKey
RegCreateKeyA
RegQueryValueA
Sections
.text Size: 166KB - Virtual size: 168KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ