ffb4006647a5c7ce4770b572363df6df_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ffb4006647a5c7ce4770b572363df6df_JaffaCakes118
Size

176KB
MD5

ffb4006647a5c7ce4770b572363df6df
SHA1

43e8fa4acb7480fac3c93277c0509fc598393deb
SHA256

47a150e925c870dfff7500ac6bbc93ef441206859902ea4f887875ac56dea17f
SHA512

5d35aa82243056c2a6592cff20ea2b3cae0370e5a5affdbeef1cc23c748063d197c5c30e7a7b51493bc29a1cc7686b63e0aa95a8598fdabcf5b4a539094abfa7
SSDEEP

3072:xrz1YzHvPMAVp86jpSO4kCuU5rIs8PatRa7cZJ73nEzdvJyWR/YCQseqw:xrz1YbvPMATpjpFUlS+a7MJ73nEzdQWi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ffb4006647a5c7ce4770b572363df6df_JaffaCakes118

Files

ffb4006647a5c7ce4770b572363df6df_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c1fed43402d1c1d08b4cedbb861f4f9f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
CreateFileA
ExitProcess
CloseHandle
GetCurrentProcess
LCMapStringA
LoadLibraryA

user32

CloseWindow
CreateWindowExA
SetWindowLongA
CharLowerBuffA
wsprintfA

advapi32

RegOpenKeyA
RegDeleteKeyA
RegCloseKey
RegQueryValueA
RegSetValueA
RegEnumValueA
RegCreateKeyA
RegEnumKeyA
RegDeleteValueA

Sections

.text
Size: 158KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ