d4e1c7ddfb06cc9dc9b499502a988ffc_JaffaCakes118 | Triage

Sharing

General

Target

d4e1c7ddfb06cc9dc9b499502a988ffc_JaffaCakes118
Size

172KB
MD5

d4e1c7ddfb06cc9dc9b499502a988ffc
SHA1

9f5f6bfb7c925eb44d03b7a29b8b9ed39f7edffb
SHA256

1f5b5f662b6740934ae20a5bd735686d49bdc15aec27165ef74275b063375477
SHA512

3a0491c412e62534950bb5063e14dc0a99c9b985b52571309aa774d2c33f80bbfcc30a345d78a2fcf14a1941c9b9faa10b66f0ac8a00dd0906b69c8f3e713c7b
SSDEEP

3072:25eRAMziHGYsyikqOajWgBrRYfnE4sl5BUjJj1MXqN3c5Zy9BaoGJ1uG4at:25emMSBs5OtgBefnEJqjJiXo3OZ+Guat

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d4e1c7ddfb06cc9dc9b499502a988ffc_JaffaCakes118

Files

d4e1c7ddfb06cc9dc9b499502a988ffc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5b8788595153a8b68ca65acaf6ebb346

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
LoadLibraryA
GetCurrentProcess
ExitProcess
LCMapStringA
CloseHandle
CreateFileA

user32

CreateWindowExA
CharLowerBuffA
wsprintfA
SetWindowLongA
CloseWindow

advapi32

RegCreateKeyA
RegDeleteKeyA
RegQueryValueA
RegSetValueA
RegDeleteValueA
RegEnumValueA
RegOpenKeyA
RegCloseKey
RegEnumKeyA

Sections

.text
Size: 151KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 132KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ