Static task: static1
Behavioral task: behavioral1
Sample: d44af51da069add6448bd75abf386d2a_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: d44af51da069add6448bd75abf386d2a_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: d44af51da069add6448bd75abf386d2a_JaffaCakes118
Size: 240KB
MD5: d44af51da069add6448bd75abf386d2a
SHA1: 52ca798959d8f75a164e63574d3ee59afcc5f777
SHA256: 508ede8c80cc82c9ee2b44633e76166834a37854ceba8c3dd8f2c3edd593c635
SHA512: bc326625629c519585675fab146204eba3db8a591f72e1d1bd0f66acb62cc03e4e761c306a0433052c754d1058da2e34ce663fcae0a941386d7ccb7a71c9c881
SSDEEP: 6144:d3ewrnJWxoC3Xy/u1VQdRyWTsmi2WPKr6/VXuyb2mV2T1SAPYo:ResEhHyuVQzBXHCtXPD2TQe
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d44af51da069add6448bd75abf386d2a_JaffaCakes118
Files
-
d44af51da069add6448bd75abf386d2a_JaffaCakes118.exe windows:4 windows x86 arch:x86
129a5255e6dcd933b2e855f8ebb5ad87
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
LCMapStringA
GetCurrentProcess
CloseHandle
LoadLibraryA
CreateFileA
ExitProcess
user32
wsprintfA
CreateWindowExA
SetWindowLongA
CloseWindow
CharLowerBuffA
advapi32
RegCloseKey
RegDeleteValueA
RegOpenKeyA
RegQueryValueA
RegSetValueA
RegEnumValueA
RegCreateKeyA
RegEnumKeyA
RegDeleteKeyA
Sections
.text Size: 223KB - Virtual size: 224KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 24KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ