fe5fd3aae117d7049d7f2daad7227d32_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fe5fd3aae117d7049d7f2daad7227d32_JaffaCakes118
Size

188KB
MD5

fe5fd3aae117d7049d7f2daad7227d32
SHA1

ca2b7e25f1703454de6bcf9bb7cb194c592f52de
SHA256

aa21e47dee710f5d0af8e63ab606965d7e62d9181f684e84f6278246380ffa4c
SHA512

ab45d43702407eda7c8ceef4d0f73bba22d7db3c64838657ce5d083d200912239d8f020bd6ffc169eb9a731e464c83821db627136668a4cf7b54ef2c9f9c2761
SSDEEP

3072:Pmm0VgzW8FW703sEptchtjz9FkUpK3zlboswccH4fB2eFyOjtuLJZ6oV/+MY5Heq:PmVgzW0kippa/jz9HpK3zIQ2eFyO5uLU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe5fd3aae117d7049d7f2daad7227d32_JaffaCakes118

Files

fe5fd3aae117d7049d7f2daad7227d32_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d9147a7ec6974060beebcb95ee285f5c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
CreateFileA
LCMapStringA
GetCurrentProcess
LoadLibraryA
CloseHandle
ExitProcess

user32

CharLowerBuffA
CreateWindowExA
wsprintfA
CloseWindow
SetWindowLongA

advapi32

RegQueryValueA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyA
RegEnumValueA
RegSetValueA
RegCloseKey
RegOpenKeyA
RegCreateKeyA

Sections

.text
Size: 168KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ