fe3d95522cf38d9bd5b0064a43e4a1ac_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fe3d95522cf38d9bd5b0064a43e4a1ac_JaffaCakes118
Size

164KB
MD5

fe3d95522cf38d9bd5b0064a43e4a1ac
SHA1

ba5a145c943e78b0f93c3ba1956730fb6487fc92
SHA256

b4618fa49f47e40cfa4abb40da00e43f871401ad3be215be07e9d486b73598f8
SHA512

d11e74e4edd97e1a9af8af1287d2d56d2994b7a183d988209ea5716f6f823d3bcd1f7269b8a7e091d2da867cf72c0997e88b29966c423014c5e9f9012a286067
SSDEEP

3072:EVygg+pGYjCqQ38x+w/LLbNwMx7KbohyyLSCtdcmq7T1H3uLhFCaQV:4yghvs38FXxwvbosPCt5q7TF3gh4aQV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe3d95522cf38d9bd5b0064a43e4a1ac_JaffaCakes118

Files

fe3d95522cf38d9bd5b0064a43e4a1ac_JaffaCakes118
.exe windows:4 windows x86 arch:x86

74fcf7ecb517c75ffa09b3d9b4902cb3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
LCMapStringA
GetCurrentProcess
LoadLibraryA
CloseHandle
CreateFileA
ExitProcess

user32

CreateWindowExA
SetWindowLongA
CloseWindow
CharLowerBuffA
wsprintfA

advapi32

RegQueryValueA
RegEnumKeyA
RegCreateKeyA
RegDeleteValueA
RegDeleteKeyA
RegEnumValueA
RegOpenKeyA
RegSetValueA
RegCloseKey

Sections

.text
Size: 144KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ