d57f439c3f222be1c7463c0bb3427b3d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d57f439c3f222be1c7463c0bb3427b3d_JaffaCakes118
Size

196KB
MD5

d57f439c3f222be1c7463c0bb3427b3d
SHA1

25f986da07fbf077ee94a601db710b89bc4b11d7
SHA256

0deb7ba5d3212931c9af98fc06179a2bef490a1340ff8da6bb2bf352098a902c
SHA512

d8a2ec3f18c5102fe61113b4b474bf3ff2e8ab9ac68a7a871d3a15dff8042b57530e543e0e2cbb2ef862eec0e6068c95fb7f5349e9bbf1c99eb781788a4a8479
SSDEEP

3072:9BI1+4+1NxmaUXUS6l6XaIjfaumWN3+d0erPxEkIm82WvKKfDsZ7QIDsdCJFInyq:9Bw7kbUsl6v3p+d9PCO0I1nDsoJSnr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d57f439c3f222be1c7463c0bb3427b3d_JaffaCakes118

Files

d57f439c3f222be1c7463c0bb3427b3d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

175d62fb84998c9247199034a31a6900

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
GetCurrentProcess
LCMapStringA
CloseHandle
LoadLibraryA
CreateFileA
ExitProcess

user32

CloseWindow
CreateWindowExA
wsprintfA
CharLowerBuffA
SetWindowLongA

advapi32

RegCreateKeyA
RegQueryValueA
RegSetValueA
RegEnumValueA
RegEnumKeyA
RegOpenKeyA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA

Sections

.text
Size: 159KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ