Static task: static1
Behavioral task: behavioral1
  Sample: fab204273a0f460fc6f9cd1d87a502d9_JaffaCakes118.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: fab204273a0f460fc6f9cd1d87a502d9_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
General
Target: fab204273a0f460fc6f9cd1d87a502d9_JaffaCakes118
Size: 728KB
MD5: fab204273a0f460fc6f9cd1d87a502d9
SHA1: 091ac8db4b1bf4a6c8701dd9bd4321bab0fc17cf
SHA256: 4cd135474f6dc1824432d0fccbe51dca16e1eb44757fba5de18f9a75ef4c826d
SHA512: 9e7927143690cad3c4a67d6ca2c387d7159f73a069f614228e6e368d80dea62b710b5ead811aad0f53c6fb082406ecf10ad745bdabc3df58b2f7fdc36b914eca
SSDEEP: 12288:M0YG0Hjjq8MI6FH9EAfdCtLsDEV2Lez4yV:r0UFdEcCtwDm4yV
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fab204273a0f460fc6f9cd1d87a502d9_JaffaCakes118
Files
fab204273a0f460fc6f9cd1d87a502d9_JaffaCakes118.exe windows:4 windows x86 arch:x86
6956294778a11ae9d0368bc1f18d2462
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
ExitProcess
GetCurrentProcess
CloseHandle
CreateFileA
LoadLibraryA
LCMapStringA
user32
CreateWindowExA
CharLowerBuffA
wsprintfA
SetWindowLongA
CloseWindow
advapi32
RegEnumValueA
RegCreateKeyA
RegDeleteKeyA
RegDeleteValueA
RegQueryValueA
RegOpenKeyA
RegCloseKey
RegEnumKeyA
RegSetValueA
Sections
.text Size: 688KB - Virtual size: 688KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 4KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ