ab2d5f1c066a869d6e4d7642ec366edb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ab2d5f1c066a869d6e4d7642ec366edb_JaffaCakes118
Size

46KB
MD5

ab2d5f1c066a869d6e4d7642ec366edb
SHA1

213cc2bacea55bdadfaca450e25e8c194ec9bff6
SHA256

88fa84d2d667bff0d657d677bd21982d923aa53323e6e81f3088e8e3a48a6cd6
SHA512

9aa0c56a2c3b4069069adf337a4d1766d525f801053d533a3eb8a2f03516fab3be7f2cb4a438c342216a2b9c8e73708d961e78b4ed920c65c1cda2ec10e7c456
SSDEEP

768:Ruq17xQotRBJWrZyzdOqgnUlk55Mzvy2mvRGta8AIbvN2cabZ67ASXyYD4+7H:gwQsgyBOqgnUKfMzVmvEaQbIg7ASXyYX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab2d5f1c066a869d6e4d7642ec366edb_JaffaCakes118

Files

ab2d5f1c066a869d6e4d7642ec366edb_JaffaCakes118
.exe windows:5 windows x86 arch:x86

bf67ed369575747c8933978301c8a868

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
VirtualFree
GetProcAddress
AddAtomA
FreeResource
LockResource
FindAtomA
GetModuleHandleA
FindResourceA
SizeofResource
LoadResource
ExitThread

user32

UnionRect
TranslateMDISysAccel
VkKeyScanExA
UnregisterHotKey
WinHelpA
VkKeyScanA
WaitMessage

advapi32

RegQueryValueA
RegUnLoadKeyA
CryptGenRandom
RegOpenKeyExA
CryptEncrypt
RegEnumKeyA
RegConnectRegistryA
CryptExportKey

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 798B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 105B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ