Static task: static1
Behavioral task: behavioral1
Sample: 29d24123ba9ee955ee1030d9aa126c53_JaffaCakes118.exe
Resource: win7-20240903-en
General
Target: 29d24123ba9ee955ee1030d9aa126c53_JaffaCakes118
Size: 396KB
MD5: 29d24123ba9ee955ee1030d9aa126c53
SHA1: f5c7bd2fb45fc416809e05de33b2eb2f4f7d40ca
SHA256: 1de73ca6e58845256b42f5a10fd7d7ab27d46ad56b47224cc9f080de40cdb589
SHA512: 140baede2d284d1d604011ae85413435495b237b9a3861370c4e1beb86a940cf00c8ecef32cbad5623accf3059e0ae9693930452e96f262a6f50280d4ba3d0a1
SSDEEP: 6144:t+/AZtojy28giIEbkUfkh67766COOvhvJ/Ti8LcoKL9vVSD6+kMK2I0aa7/3:8/AZtoLbEbm0X69vhx/BcoCrSD1tRIOz
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 29d24123ba9ee955ee1030d9aa126c53_JaffaCakes118
Files
29d24123ba9ee955ee1030d9aa126c53_JaffaCakes118.exe windows:4 windows x86 arch:x86
996a873788e3b6586a997942504a1bf8
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
ExitProcess
GetCurrentProcess
CloseHandle
LCMapStringA
CreateFileA
LoadLibraryA
user32
CharLowerBuffA
CloseWindow
CreateWindowExA
wsprintfA
SetWindowLongA
advapi32
RegEnumKeyA
RegOpenKeyA
RegCreateKeyA
RegEnumValueA
RegSetValueA
RegDeleteValueA
RegCloseKey
RegDeleteKeyA
RegQueryValueA
Sections
.text Size: 379KB - Virtual size: 380KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ