Static task: static1
Behavioral task: behavioral1
Sample: 950954017680cea71c42370f3b32d322_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 950954017680cea71c42370f3b32d322_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 950954017680cea71c42370f3b32d322_JaffaCakes118
Size: 456KB
MD5: 950954017680cea71c42370f3b32d322
SHA1: f7c96cf7aa1f907aa8822e04e5ab249be124aee2
SHA256: 6d26ca1e948f525b8612c250092413015a4b5a5082ba6f4b3177bc24f7412692
SHA512: 47cc0aba7a52746cac1dec9c3a2426b823b3f2d59145b751cd1d5c23854b8bd24a5e97eaa4c79481e94b1dcb86e51263703326dc8e161a5ab13b6a399c441ebe
SSDEEP: 6144:AV3E1jmpqY8yjLqMrmUw6lI5X44Dp8gyeiijMaaUjWFskKrDOsSpbsHekdYG+gqb:AV3EspWaLJc6i6YlzvkKggew8vl
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 950954017680cea71c42370f3b32d322_JaffaCakes118
Files
950954017680cea71c42370f3b32d322_JaffaCakes118.exe windows:4 windows x86 arch:x86
7f62c5aa025db2046f03586587ec4d02
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
LCMapStringA
LoadLibraryA
GetCurrentProcess
ExitProcess
CreateFileA
CloseHandle
user32
CreateWindowExA
CloseWindow
SetWindowLongA
CharLowerBuffA
wsprintfA
advapi32
RegEnumValueA
RegQueryValueA
RegOpenKeyA
RegDeleteKeyA
RegDeleteValueA
RegSetValueA
RegCreateKeyA
RegEnumKeyA
RegCloseKey
Sections
.text Size: 411KB - Virtual size: 412KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 4KB - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 28KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ