Static task
static1
Behavioral task
behavioral1
Sample
d04c958295c2017e50d5deb2dca475df_JaffaCakes118.exe
Resource
win7-20240903-en
General
-
Target
d04c958295c2017e50d5deb2dca475df_JaffaCakes118
-
Size
132KB
-
MD5
d04c958295c2017e50d5deb2dca475df
-
SHA1
dbf98eec76b858d471ec0d2fc284bedf17df5e0b
-
SHA256
fe75bfb5f8e306aab21e3dcf6274e8572b30d2cd532edf3a5d1175ad51f4bd83
-
SHA512
6af430ad9e8906791c0d5d346f43cc0ce6349f63b84cde0bbfdfb0b4ee8bb3991d4e116d3d3bbcca6a9d4c73cfb3a07410a3d5c33b5f1837dc868739f7f5b072
-
SSDEEP
3072:Wx4/RUZW4id0tIwbKpE024ol5Ln4LzaDeiUH2iXEB:W+R8I4IwOpmjlGCDeiZiUB
Malware Config
Signatures
-
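Unsigned PE (1 IoC)
Checks for a missing Authenticode signature; the check matched the resource below, meaning the PE file is not signed. A missing signature is a weak indicator on its own, since many legitimate binaries are also unsigned, so weigh it together with the header and section characteristics listed under Files.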
resource d04c958295c2017e50d5deb2dca475df_JaffaCakes118
Files
-
d04c958295c2017e50d5deb2dca475df_JaffaCakes118.exe windows:4 windows x86 arch:x86
265cfdbc461b572cf97d05273b3bac5b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
LCMapStringA
HeapDestroy
GetProcAddress
ExitProcess
user32
CreateWindowExA
SetWindowLongA
CharLowerBuffA
wsprintfA
advapi32
RegSetValueA
RegEnumValueA
RegDeleteKeyA
RegOpenKeyA
ole32
CoMarshalInterface
CoInitializeEx
CoCreateInstanceEx
Sections
.text Size: 48KB - Virtual size: 140KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 8KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.adata Size: 76KB - Virtual size: 126KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE