Static task: static1

Behavioral task: behavioral1
Sample: a32c741000fc0c5de3aedbc6b870471a_JaffaCakes118.exe
Resource: win7-20240704-en

Behavioral task: behavioral2
Sample: a32c741000fc0c5de3aedbc6b870471a_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: a32c741000fc0c5de3aedbc6b870471a_JaffaCakes118
Size: 200KB
MD5: a32c741000fc0c5de3aedbc6b870471a
SHA1: 41e102ee1da1fc0a90f20ecc9e4bb1340242cc6e
SHA256: 751164973b91d29bd3d4d90f148394b21c0bddf18e51a64e0cfa01e52e3b1694
SHA512: ce539336815ebeb37259fd4c4c288dd7dd0f2e32c6e2c10b2920f21ed96bea918e91eca7ce8a1e32ed74271ddaa6415f366f636689eaf0ec3e9814ecde0f71f7
SSDEEP: 3072:vmS1VEywo0k1YV7b9ChUibgzDfyjnEMVKFHTFfyLp+r0KpZvpbhO5H91HET:+UVuhgYK/beD6jnMHTFfl0wZvsH9c
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a32c741000fc0c5de3aedbc6b870471a_JaffaCakes118
Files
a32c741000fc0c5de3aedbc6b870471a_JaffaCakes118.exe windows:5 windows x86 arch:x86
59d2648f9e6521fee3c1c7caa510f361
Headers
  DLL Characteristics
    IMAGE_DLLCHARACTERISTICS_NO_SEH
    IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
  File Characteristics
    IMAGE_FILE_EXECUTABLE_IMAGE
    IMAGE_FILE_LINE_NUMS_STRIPPED
    IMAGE_FILE_LOCAL_SYMS_STRIPPED
    IMAGE_FILE_32BIT_MACHINE
    IMAGE_FILE_DEBUG_STRIPPED
Imports
  kernel32
    GetModuleHandleA
    VirtualProtect
    GetProcAddress
    HeapCreate
    HeapDestroy
    HeapFree
    HeapAlloc
    RtlUnwind
    CreateFileA
    ExitProcess
    CloseHandle
    LCMapStringA
    LoadLibraryA
    GetCurrentProcess
  user32
    CharLowerBuffA
    CreateWindowExA
    SetWindowLongA
    CloseWindow
    wsprintfA
  advapi32
    RegCloseKey
    RegDeleteValueA
    RegCreateKeyA
    RegQueryValueA
    RegEnumKeyA
    RegSetValueA
    RegDeleteKeyA
    RegOpenKeyA
    RegEnumValueA
Sections
  .text Size: 181KB - Virtual size: 184KB
    IMAGE_SCN_CNT_CODE
    IMAGE_SCN_MEM_EXECUTE
    IMAGE_SCN_MEM_READ
  .data Size: 8KB - Virtual size: 5KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE
  .rsrc Size: 4KB - Virtual size: 2KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ