Static task: static1
Behavioral task: behavioral1
Sample: bf4ae49ec19d15c2cd3550c74ea258bf_JaffaCakes118.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: bf4ae49ec19d15c2cd3550c74ea258bf_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: bf4ae49ec19d15c2cd3550c74ea258bf_JaffaCakes118
Size: 245KB
MD5: bf4ae49ec19d15c2cd3550c74ea258bf
SHA1: 6ec60764c104e1953d3b38a0eabf4f7f075e0981
SHA256: 7bb5337b49deff9b9bf9e1c526e4c62bf41aa91570d29534ad081c01322c39f2
SHA512: 6c004844022dcb0a517945c071d1e541b8f424185dca40d6a695d8cc72a99669f50c876db99f2b1600597209b870bbc0202ee956add2dba05991858a822a338a
SSDEEP: 6144:N9C4TKalKRowInMiDbVt107CSiQUFyQhQW2rKqiaxe7h0xq:/C49SEMiDJ0p8DhKuzaxel+q
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource bf4ae49ec19d15c2cd3550c74ea258bf_JaffaCakes118
Files
bf4ae49ec19d15c2cd3550c74ea258bf_JaffaCakes118.exe windows:4 windows x86 arch:x86
ed47f0e6504d61e89919b7fc2070244a
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
LoadLibraryA
ExitProcess
GetCurrentProcess
LCMapStringA
CloseHandle
CreateFileA
user32
CreateWindowExA
CharLowerBuffA
wsprintfA
SetWindowLongA
CloseWindow
advapi32
RegCloseKey
RegOpenKeyA
RegSetValueA
RegQueryValueA
RegEnumValueA
RegDeleteValueA
RegCreateKeyA
RegDeleteKeyA
RegEnumKeyA
Sections
.text Size: 203KB - Virtual size: 204KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 12KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ