278ef801aed8d8a5620900b687e0590f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

278ef801aed8d8a5620900b687e0590f_JaffaCakes118
Size

44KB
MD5

278ef801aed8d8a5620900b687e0590f
SHA1

16ccc31cce1d61bbfb3aa443ba10d2e83b112fa9
SHA256

db139e81408a172859328ebaf32bbdafe85847240c1667dfe648f9fb11e47647
SHA512

457e2e261bb9b2071ad856f392d0841e7ccc6b49a50534ba58bbfa18c0dff306f88da33dc3b904388c143488f46a4232f45a192a2552e4cf2fe40c37a415d360
SSDEEP

384:zjQlIWFtOl2a5bOrJ5BxFltAU/ClzKyulNnESlGB9upoQ2A:oFt25bmXzaQ1XlGB0poQ2A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
278ef801aed8d8a5620900b687e0590f_JaffaCakes118

Files

278ef801aed8d8a5620900b687e0590f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f4f5088c0f5cb06079081dd91dae9e2d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
WideCharToMultiByte
GetEnvironmentVariableA
GetVersionExA
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapAlloc
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
IsBadCodePtr
GetCPInfo
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
HeapReAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr
LoadLibraryA
GetACP
GetOEMCP
GetProcAddress
GetStringTypeA
GetStringTypeW
MultiByteToWideChar
LCMapStringA
LCMapStringW

user32

MessageBoxA

advapi32

RegCloseKey
RegOpenKeyExA
RegDeleteKeyA
RegQueryValueExA
RegEnumKeyExA
RegSetValueExA
RegCreateKeyExA

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE