133c4b4d1ace62522e2f1ce72d841079_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

133c4b4d1ace62522e2f1ce72d841079_JaffaCakes118
Size

169KB
MD5

133c4b4d1ace62522e2f1ce72d841079
SHA1

7d02aecf6d4ef4f4a949a9adf750596fe806e4cb
SHA256

ffd82a9ded6f5f7b97f34e0312e1ba792ddf4781fb32a4916e0c09ed122fda0c
SHA512

13b3e48b4a6cb9fe43702cc831ef9500b62b74a9392d97d3556148531569cb13e2e0d91dbdb3b63c069941f0231e6a1e118741c773c0fa346fa99ef47742a853
SSDEEP

3072:dxIUcY6/suQBkFdjdeItpTkAqIiNSYW2YIQQJdK5ZMZJpYEH1R:dWrY6yy3cITsNSYWPInr8MVNR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
133c4b4d1ace62522e2f1ce72d841079_JaffaCakes118

Files

133c4b4d1ace62522e2f1ce72d841079_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2d3d8f8baff6ebba32a9d16459aadc76

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
CreateFileA
GetCurrentProcess
CloseHandle
LCMapStringA
LoadLibraryA
ExitProcess

user32

CreateWindowExA
CloseWindow
SetWindowLongA
CharLowerBuffA
wsprintfA

advapi32

RegDeleteKeyA
RegQueryValueA
RegCloseKey
RegOpenKeyA
RegSetValueA
RegEnumValueA
RegEnumKeyA
RegDeleteValueA
RegCreateKeyA

Sections

.text
Size: 128KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ