a1b4469dd5a43e6aaa5f6727ef2b5546_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a1b4469dd5a43e6aaa5f6727ef2b5546_JaffaCakes118
Size

174KB
MD5

a1b4469dd5a43e6aaa5f6727ef2b5546
SHA1

32fe159e1e597dd57e15a309b97eb5d656fb05d2
SHA256

2ef5b348aaf715e3841a8919cd0eab1d39d1a53f0ec6a9b34aac056fed6bac17
SHA512

7209a8d9d1201a757ea58369f090d059559996bbe72ea2cfefa6a27df1a671a5800dcf05ebec3d90922191e281c176e7ccfba4e0309dd0d708b8d52b5fd9b500
SSDEEP

3072:veuWkuutTNJNJn5X0tGrFHL8gchd6bWGPTE6WN/asQr:venduDJNJn5EtU7k6bXTErds

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a1b4469dd5a43e6aaa5f6727ef2b5546_JaffaCakes118

Files

a1b4469dd5a43e6aaa5f6727ef2b5546_JaffaCakes118
.exe windows:4 windows x86 arch:x86

aed102b3ebc5d23d0f51136328dd79a5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
LoadLibraryA
CreateFileA
CloseHandle
GetCurrentProcess
ExitProcess
LCMapStringA

user32

SetWindowLongA
wsprintfA
CreateWindowExA
CharLowerBuffA
CloseWindow

advapi32

RegEnumValueA
RegDeleteValueA
RegCreateKeyA
RegDeleteKeyA
RegSetValueA
RegCloseKey
RegOpenKeyA
RegEnumKeyA
RegQueryValueA

Sections

.text
Size: 154KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ