b6b73eab6e9f2b280b066d0ec1b20ddf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b6b73eab6e9f2b280b066d0ec1b20ddf_JaffaCakes118
Size

152KB
MD5

b6b73eab6e9f2b280b066d0ec1b20ddf
SHA1

f1e606a31fcfcc1b6a822020f4ad37c166fc7826
SHA256

b63697d87d1a6bbbd89dcbe99c2f3ae7c71666538f781dedcc0c3e953e052963
SHA512

5328688822571f2205c148fed2f190e3fe7097d8eece72feb4838ba6bf5773f4a34d6e52deb19cd5630dc5626f1faf21d8c951daf2bc429a2f3478d13e71b461
SSDEEP

3072:UPikuqn4nHHb0bNDkar3uCSx3IoqE3wzXSkIwqFBCvPUc0rLqM:giXxnHYRzrXSx4B9IBePUc0rP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b6b73eab6e9f2b280b066d0ec1b20ddf_JaffaCakes118

Files

b6b73eab6e9f2b280b066d0ec1b20ddf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0d5df027954ac40c1b810e8b14544032

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
LoadLibraryA
CreateFileA
CloseHandle
GetCurrentProcess
ExitProcess
LCMapStringA

user32

CloseWindow
wsprintfA
SetWindowLongA
CharLowerBuffA
CreateWindowExA

advapi32

RegDeleteValueA
RegEnumKeyA
RegEnumValueA
RegOpenKeyA
RegCreateKeyA
RegCloseKey
RegSetValueA
RegDeleteKeyA
RegQueryValueA

Sections

.text
Size: 134KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ