ea3ca15a74b8ffb392aac9a697d84917_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ea3ca15a74b8ffb392aac9a697d84917_JaffaCakes118
Size

548KB
MD5

ea3ca15a74b8ffb392aac9a697d84917
SHA1

ffd564324328d01a3b1cbc1a32b132ff852d5580
SHA256

45f3e8ac9fdd880228eaced894a2a6c6d2fecbd848f8501a24fec6ce541f3710
SHA512

958dc7eefdfa4efb12d87682b88883a84a297afbfaf08717bb564f28ba2d5f3da2d13beea3437d7ed4c8fefba2cb9984b9598ba61305de5c8c51950a4b24429c
SSDEEP

12288:iciZE5iQWy6YCRrsn/cPLrEGmLtFPiVcKpRlOhIuENqNYxZ32LosLUUL7:iciCNdv/cPLULtFPi9pRlgIuE0Ne3SoS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea3ca15a74b8ffb392aac9a697d84917_JaffaCakes118

Files

ea3ca15a74b8ffb392aac9a697d84917_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b4e038ecdab8750afe96cd3bb548554a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
LCMapStringA
CloseHandle
GetCurrentProcess
ExitProcess
LoadLibraryA
CreateFileA

user32

CharLowerBuffA
CreateWindowExA
CloseWindow
SetWindowLongA
wsprintfA

advapi32

RegOpenKeyA
RegDeleteKeyA
RegCreateKeyA
RegCloseKey
RegSetValueA
RegQueryValueA
RegEnumKeyA
RegEnumValueA
RegDeleteValueA

Sections

.text
Size: 529KB - Virtual size: 532KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ