Static task
static1
Behavioral task
behavioral1
Sample
e0da07eebb04801ee310d36f0be3a5f8_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
e0da07eebb04801ee310d36f0be3a5f8_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
e0da07eebb04801ee310d36f0be3a5f8_JaffaCakes118
Size
1.9MB
MD5
e0da07eebb04801ee310d36f0be3a5f8
SHA1
ce1c256fe24108420d3bd44c66cadfd1cf787fef
SHA256
2efd0e272af79d14079d750e8804fa8ba101ba1831265df7d86b6e7882e74c28
SHA512
461b3547c0febd8da6931ced3507b0b3397ddb7a5b6b9e64953b342d71141b22fe337edd250ff14599990fce8042f62cec566a0e58e453544f6e5f485b5d77b9
SSDEEP
49152:CW1V75N2fZz7aP1Mqh6raS59hWaACNhkRafkXf:C0N2fZHg16raeeaACNhnE
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource e0da07eebb04801ee310d36f0be3a5f8_JaffaCakes118
Files
e0da07eebb04801ee310d36f0be3a5f8_JaffaCakes118.exe windows:4 windows x86 arch:x86
f9d7fa61c1ac7a620316bce69e3f4217
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
CloseHandle
GetCurrentProcess
ExitProcess
LoadLibraryA
CreateFileA
LCMapStringA
user32
CharLowerBuffA
CloseWindow
wsprintfA
SetWindowLongA
CreateWindowExA
advapi32
RegDeleteKeyA
RegOpenKeyA
RegCreateKeyA
RegSetValueA
RegEnumKeyA
RegEnumValueA
RegQueryValueA
RegCloseKey
RegDeleteValueA
Sections
.text Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 4KB - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ