c86439b708a04a77b083130d20274e7a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c86439b708a04a77b083130d20274e7a_JaffaCakes118
Size

180KB
MD5

c86439b708a04a77b083130d20274e7a
SHA1

c3c19009165031aec04cf046f4c0d696fc595b1a
SHA256

25f8956d4168d9fbebf6685e8d0d263d4a71deea88e838ffed898d4f3abf4e40
SHA512

b0f9d9b67cfe3acb682eee77857b1f010115a54c7ab0909cac2a6988ffe8a2bfcd1493bd5f9aa85b3380b92f67bee2ab177da45e7db9e8a543a5c3d3c2aedc1d
SSDEEP

3072:Wl5LfpH/52MjhTons4iELhoNcCYNsb4KaMf3zK1SSrLlJtE4gkuVoqp:kJTtkns4ZLMYNKwWzMS8LJnulp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c86439b708a04a77b083130d20274e7a_JaffaCakes118

Files

c86439b708a04a77b083130d20274e7a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

214e3af07bb74f54f07f4b5218274bc3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
LoadLibraryA
CreateFileA
ExitProcess
CloseHandle
GetCurrentProcess
LCMapStringA

user32

CharLowerBuffA
CloseWindow
wsprintfA
SetWindowLongA
CreateWindowExA

advapi32

RegCloseKey
RegOpenKeyA
RegDeleteValueA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegSetValueA
RegCreateKeyA
RegDeleteKeyA

Sections

.text
Size: 161KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ