ab9f895019314b6474cf3df2ff8dfe86_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ab9f895019314b6474cf3df2ff8dfe86_JaffaCakes118
Size

160KB
MD5

ab9f895019314b6474cf3df2ff8dfe86
SHA1

2fe46be89d9c05eddbe47d922e0f43b8b1718eaa
SHA256

c439a31b47e070e69e94b9438c7f8ffe1d73fd91e8633e7dec36ac3ca56b2bd6
SHA512

23ec993dd8523de740fb21fa2cbc8b87c309c8340f7dd69be440be798bb8fa4961b088a93a85a071bb8259199269bd74081545ace4373fe8103e7917b0a4babd
SSDEEP

3072:xIpjNkljBE6pL6A4fP40CVc0DfNhnBZdNNB4GlJA2aj41nhH:2pjAQZfP4Hc0DfBZdt4GlJAP41nhH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab9f895019314b6474cf3df2ff8dfe86_JaffaCakes118

Files

ab9f895019314b6474cf3df2ff8dfe86_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a3a89a3d4a3bbe9c660b4dc99ec44903

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
LCMapStringA
CreateFileA
GetCurrentProcess
LoadLibraryA
CloseHandle
ExitProcess

user32

CreateWindowExA
CloseWindow
wsprintfA
CharLowerBuffA
SetWindowLongA

advapi32

RegOpenKeyA
RegQueryValueA
RegCloseKey
RegDeleteValueA
RegEnumValueA
RegSetValueA
RegDeleteKeyA
RegEnumKeyA
RegCreateKeyA

Sections

.text
Size: 142KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ