Static task
static1
Behavioral task
behavioral1
Sample
fa27347ddc5c542bcb0b19d96c240879_JaffaCakes118.exe
Resource
win7-20240708-en
General
Target: fa27347ddc5c542bcb0b19d96c240879_JaffaCakes118
Size: 296KB
MD5: fa27347ddc5c542bcb0b19d96c240879
SHA1: 1e2e103824f8d9d0e6e3525b564c6ae9bdd9a0cb
SHA256: e37a55c0f77358c9782c701162ff60dc8f9d725462ff3f248bcd28159b828810
SHA512: 8d4783228c80a840f4ce435a186b187377a837f39b8bbc6e276c6dbe3fcf039146e9bcb639a5a2fd239e17d1cb8c7f6b1e6cd0586fb8e988333488aac1fd8275
SSDEEP: 6144:/w2arcMW7c9QJF4QLHoUOOiIrK6jZe6M7l5ZBvRF:YlWjIUVjg6M7lfFj
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fa27347ddc5c542bcb0b19d96c240879_JaffaCakes118
Files
fa27347ddc5c542bcb0b19d96c240879_JaffaCakes118.exe windows:4 windows x86 arch:x86
f6dbf268f7c63abe942a2cad911d0fce
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
LCMapStringA
GetCurrentProcess
LoadLibraryA
CreateFileA
CloseHandle
ExitProcess
user32
CreateWindowExA
SetWindowLongA
CloseWindow
CharLowerBuffA
wsprintfA
advapi32
RegOpenKeyA
RegEnumKeyA
RegDeleteValueA
RegDeleteKeyA
RegEnumValueA
RegCreateKeyA
RegSetValueA
RegQueryValueA
RegCloseKey
Sections
.text Size: 272KB - Virtual size: 272KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 16KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ