Static task
static1
Behavioral task
behavioral1
Sample
bd563920a0c52b7d4645f31a574b33cc_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
bd563920a0c52b7d4645f31a574b33cc_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
bd563920a0c52b7d4645f31a574b33cc_JaffaCakes118
Size
196KB
MD5
bd563920a0c52b7d4645f31a574b33cc
SHA1
8140c4676b5e637db2b512eb57997c8707a2a570
SHA256
e07ec26be699e03a611eb99b02edbd7063da3260e6745a41ce50b8b6dfce5dd5
SHA512
22864367e87be43fc4a6da49f7a40515e658447bb155152f292ddcf36fa3d877edf6a8e26b354fefffd528ac23ede58c041d715f037d8def4745d44713a4ffd0
SSDEEP
6144:HB/FTOJw3eehe1bK/r9ReeOBwCeEPCsGaod:zoeaKieO3enBt
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource bd563920a0c52b7d4645f31a574b33cc_JaffaCakes118
Files
bd563920a0c52b7d4645f31a574b33cc_JaffaCakes118.exe windows:4 windows x86 arch:x86
eae56a420efaddc90456a80c9c5b4b60
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
CloseHandle
LCMapStringA
CreateFileA
LoadLibraryA
ExitProcess
GetCurrentProcess
user32
CharLowerBuffA
wsprintfA
CloseWindow
SetWindowLongA
CreateWindowExA
advapi32
RegCreateKeyA
RegEnumKeyA
RegDeleteValueA
RegSetValueA
RegDeleteKeyA
RegCloseKey
RegEnumValueA
RegOpenKeyA
RegQueryValueA
Sections
.text Size: 174KB - Virtual size: 176KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 40KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ