Static task: static1

Behavioral task: behavioral1
Sample: dcc401610bd6b896dfe97ce9b0c3fcd5_JaffaCakes118.exe
Resource: win7-20240903-en

Behavioral task: behavioral2
Sample: dcc401610bd6b896dfe97ce9b0c3fcd5_JaffaCakes118.exe
Resource: win10v2004-20240910-en

General
Target: dcc401610bd6b896dfe97ce9b0c3fcd5_JaffaCakes118
Size: 1.2MB
MD5: dcc401610bd6b896dfe97ce9b0c3fcd5
SHA1: 86f9fef33e56758d33b99ee8c29a82ecc654defb
SHA256: cffd49b914087ac92718e10e8f3dc797f033592ca9a470986ac17ecb73bbf5e6
SHA512: bfd5a30e02c1db0057b9d902f9e4991ec3d78cbcff2f28620a4e2175aa701422a0eaea8868910735b1337ae40aadda78b892a73d86e9e652bb078302304381d3
SSDEEP: 24576:G3edPDSqVMj57TlB/LoRvnDsOtXC8OXAUn7vHHxR67lB0GN29cz7:jRSj57TlB8eOTfUn7pRIN2S7

Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource dcc401610bd6b896dfe97ce9b0c3fcd5_JaffaCakes118
Files
dcc401610bd6b896dfe97ce9b0c3fcd5_JaffaCakes118.exe windows:4 windows x86 arch:x86
3a803fbce2310dcf568ec40b915caf17
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
LoadLibraryA
LCMapStringA
CloseHandle
ExitProcess
GetCurrentProcess
CreateFileA
user32
SetWindowLongA
wsprintfA
CreateWindowExA
CharLowerBuffA
CloseWindow
advapi32
RegDeleteKeyA
RegEnumKeyA
RegEnumValueA
RegCreateKeyA
RegDeleteValueA
RegCloseKey
RegQueryValueA
RegOpenKeyA
RegSetValueA
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ