da15907cb75a74fb05105d0346c74c9c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

da15907cb75a74fb05105d0346c74c9c_JaffaCakes118
Size

488KB
MD5

da15907cb75a74fb05105d0346c74c9c
SHA1

ef29eb5bd7fea96f338db6aec5df6fdf10c51e3b
SHA256

95a8f9e43417943accb5972aae0b451cc238b87e84576d5f4c7c9bc8e55ad370
SHA512

d9b0855133b3607beb6565ac81d7c5ba485fe1a8c3527188928dc4684fb8d1195ad6141f55640215fb4fb2f3367d146708bb708d7d2d1348fdc33c9cb4dbe84b
SSDEEP

12288:t8Jx4s2Givw6cNkINJaVw3dYov4XxZF+C+YaRNuGZ/CEqHvwRiJ8I:tKP2fw6EpZ3dvC3+YquGZ/CdHsU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da15907cb75a74fb05105d0346c74c9c_JaffaCakes118

Files

da15907cb75a74fb05105d0346c74c9c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

31ebf2be6eff383eb85d692e14cf2f19

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
CloseHandle
LoadLibraryA
ExitProcess
GetCurrentProcess
CreateFileA
LCMapStringA

user32

SetWindowLongA
CloseWindow
CharLowerBuffA
wsprintfA
CreateWindowExA

advapi32

RegEnumKeyA
RegCreateKeyA
RegEnumValueA
RegOpenKeyA
RegDeleteKeyA
RegQueryValueA
RegDeleteValueA
RegCloseKey
RegSetValueA

Sections

.text
Size: 125KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ