fa66ff51abdd97a25ca58db5dbbf6ec4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fa66ff51abdd97a25ca58db5dbbf6ec4_JaffaCakes118
Size

11.1MB
MD5

fa66ff51abdd97a25ca58db5dbbf6ec4
SHA1

85d3c3296d63403974d9b3cffeb362bd5fc5206a
SHA256

18966a744e055db59c1bfb55131df7352cf9dc19bf4823b119029c7fb038fa09
SHA512

41f7e6347e93181c338faed1e13f3e668d61efa5a44efa2794587daa903989dba7e38cbc4926af79d3714f461a39af44a8652a6ac1f604770a6833be484d4f5b
SSDEEP

196608:Nw6SN5S/T9BVLyN9DmTeRflC+kTcE2geL4a/0VUVGiPjsGoFzKBxa5toE9fvt:Nw6SN5iT9B189Dm4LtnVDSFzKBixvt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa66ff51abdd97a25ca58db5dbbf6ec4_JaffaCakes118

Files

fa66ff51abdd97a25ca58db5dbbf6ec4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ab11f616d1725185212c359c47d843fd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
LCMapStringA
CloseHandle
GetCurrentProcess
CreateFileA
LoadLibraryA
ExitProcess

user32

CharLowerBuffA
CreateWindowExA
wsprintfA
CloseWindow
SetWindowLongA

advapi32

RegQueryValueA
RegOpenKeyA
RegEnumValueA
RegDeleteKeyA
RegSetValueA
RegEnumKeyA
RegCreateKeyA
RegDeleteValueA
RegCloseKey

Sections

.text
Size: 11.1MB - Virtual size: 11.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 472KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 5B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ