e1b1efe73d93e0c0cccae402ccdd90fb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e1b1efe73d93e0c0cccae402ccdd90fb_JaffaCakes118
Size

172KB
MD5

e1b1efe73d93e0c0cccae402ccdd90fb
SHA1

425b4a67407f4fe74770aad719009d1285e2fc1e
SHA256

bd0832580fe390067aeb915d6055d35eba28e06b6893c499789d8d1087b62784
SHA512

d09ca7d2668711b0618287b5984a5d7664190b82c3b06d6578acb06e8e4371191e3b1f681ff6d3289670c8898c19a158c9ace95b240d318029295f9126add944
SSDEEP

3072:21vMWPmSM9IRWOSlMu4OWKq90k7yX+WNeBm52Vwt6LaLdltZN85:CvTAIoOSlMu4O7gdyX1eBmUVwta2p85

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e1b1efe73d93e0c0cccae402ccdd90fb_JaffaCakes118

Files

e1b1efe73d93e0c0cccae402ccdd90fb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5af32f31740e6804d2732e52e7f72cc6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
GetCurrentProcess
LoadLibraryA
CloseHandle
ExitProcess
LCMapStringA
CreateFileA

user32

wsprintfA
CreateWindowExA
SetWindowLongA
CloseWindow
CharLowerBuffA

advapi32

RegCloseKey
RegDeleteValueA
RegEnumValueA
RegEnumKeyA
RegDeleteKeyA
RegSetValueA
RegCreateKeyA
RegQueryValueA
RegOpenKeyA

Sections

.text
Size: 152KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ