Static task: static1
Behavioral task: behavioral1
Sample: ac9a71f7059dd9bdb3a1c1b9a57b47b2_JaffaCakes118.exe
Resource: win7-20240704-en
General
Target: ac9a71f7059dd9bdb3a1c1b9a57b47b2_JaffaCakes118
Size: 148KB
MD5: ac9a71f7059dd9bdb3a1c1b9a57b47b2
SHA1: 033ea47b889a1a08814956b3c9cb33a5f450635c
SHA256: b15b859f5d50841163fe90312f71fa43e931ba9290c8fe16a8e37ec0b13bd46a
SHA512: 99c3228aac979ae8f68f512bf2677f551a7a51d1d897e0273fb1543e80035a64f6d34faf035291fcba56b605757fa0bed97be945f47a40489571039498df1f06
SSDEEP: 3072:ztZVIDTqF+xQDdOEfsWgGvYooOLahYHg9n3SYaVInTcAlZoPI:ztZVL++JyjGflahYHg1m4c4Cw
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ac9a71f7059dd9bdb3a1c1b9a57b47b2_JaffaCakes118
Files
ac9a71f7059dd9bdb3a1c1b9a57b47b2_JaffaCakes118.exe windows:4 windows x86 arch:x86
81ad9e3163be49e144b36685bfd13585
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
LoadLibraryA
CloseHandle
ExitProcess
LCMapStringA
GetCurrentProcess
CreateFileA
user32
CreateWindowExA
CharLowerBuffA
CloseWindow
wsprintfA
SetWindowLongA
advapi32
RegEnumValueA
RegOpenKeyA
RegSetValueA
RegCreateKeyA
RegCloseKey
RegEnumKeyA
RegDeleteValueA
RegDeleteKeyA
RegQueryValueA
Sections
.text Size: 129KB - Virtual size: 132KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ