f66d14ff4759d30b614f7cf188b45f7a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f66d14ff4759d30b614f7cf188b45f7a_JaffaCakes118
Size

412KB
MD5

f66d14ff4759d30b614f7cf188b45f7a
SHA1

a3fc88af4f69a98cba8c19f4163fa29842e1e238
SHA256

25001fd7beb0a32501b89c98028a9466c9573b591f45be3fa7bef753f04798dc
SHA512

c6f2d8c7e06c69afdaa598defe684fa6cc80f0eed836d3b0feabbb8f382868db6eecf67f674a25445664e6249d9fc7a144e2c65ca77b84d5db5494dd134b435f
SSDEEP

12288:a36ok57VUdZTL5SerEjn8DyD/agZej40b:a35488n8WD9Zej4U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f66d14ff4759d30b614f7cf188b45f7a_JaffaCakes118

Files

f66d14ff4759d30b614f7cf188b45f7a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8c68c3687af1afd9a950c7f2bf44f24b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
LoadLibraryA
CreateFileA
ExitProcess
GetCurrentProcess
CloseHandle
LCMapStringA

user32

SetWindowLongA
CloseWindow
CreateWindowExA
wsprintfA
CharLowerBuffA

advapi32

RegSetValueA
RegCreateKeyA
RegEnumValueA
RegDeleteKeyA
RegEnumKeyA
RegOpenKeyA
RegDeleteValueA
RegCloseKey
RegQueryValueA

Sections

.text
Size: 139KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ