Static task: static1
Behavioral task: behavioral1
Sample: d23feb89d35c97495de3e73dbf55b9be_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: d23feb89d35c97495de3e73dbf55b9be_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: d23feb89d35c97495de3e73dbf55b9be_JaffaCakes118
Size: 645KB
MD5: d23feb89d35c97495de3e73dbf55b9be
SHA1: 9258a1c00cb75189b5f6663eb14ee4f18c61d1ba
SHA256: f57d0d2e8bcb2576ba76f0f2e745ca2e53367d6e4d75ecafcbbe13333ead5504
SHA512: 67e79cb215bfb2e9e09de21522bdf561a2cef208d81adac18fc046f48ad33769eb2b1b40123204cb7eab7e59cf255fdb025c8f5880ee2cd1bfd071f4da492ca9
SSDEEP: 12288:tuqPfmCP6UhJvpwEHOHadB3ooqW9vpwku4f+GGfC0ddIJXz76gDqQUU:cqjPnGUO+B3oorBH+Hq0dMXnJ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d23feb89d35c97495de3e73dbf55b9be_JaffaCakes118
Files
d23feb89d35c97495de3e73dbf55b9be_JaffaCakes118.exe windows:4 windows x86 arch:x86
9671d04b8a2c50944629cede40468164
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
CloseHandle
CreateFileA
ExitProcess
LoadLibraryA
GetCurrentProcess
LCMapStringA
user32
SetWindowLongA
CloseWindow
CharLowerBuffA
wsprintfA
CreateWindowExA
advapi32
RegCreateKeyA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyA
RegSetValueA
RegOpenKeyA
RegCloseKey
RegEnumValueA
RegQueryValueA
Sections
.text Size: 596KB - Virtual size: 600KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 4KB - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 28KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ