a6011e3dee4dd189e4a811e57b317a43_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a6011e3dee4dd189e4a811e57b317a43_JaffaCakes118
Size

36KB
MD5

a6011e3dee4dd189e4a811e57b317a43
SHA1

c332dd1780b6b19114f672f73394fd26e0584172
SHA256

466406b7976ff6d87e2398ee4bc7ddab75fde2917db51d9e82b0b435f6c18ca9
SHA512

0b91daeac8ce89851cedd6cfbaf83833446416dd8325213216cd6a8f80bae3d55de3e8ca9e366e24085118cebbf7bcbabb8c5b0a5a03cfac9a1be9ff6b19bd77
SSDEEP

768:yNbuW3TmgCJDzY7M9v1LJ0k7zRkJMAiC20NVwlA53u93hl:yNhmLDzY7M9v1LJn+MAiC20P5u93hl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a6011e3dee4dd189e4a811e57b317a43_JaffaCakes118

Files

a6011e3dee4dd189e4a811e57b317a43_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b46af3e8553c2e700c950e9f8da2ab60

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
VirtualFree
GetLastError
ExitProcess
VirtualAlloc
LoadLibraryA
CloseHandle

user32

GetForegroundWindow
SendMessageTimeoutA

advapi32

RegCreateKeyExA
RegSetValueExA
RegCloseKey

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 442B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE