2e7dcbc28e3a9432997bbf457bf3e2e4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2e7dcbc28e3a9432997bbf457bf3e2e4_JaffaCakes118
Size

276KB
MD5

2e7dcbc28e3a9432997bbf457bf3e2e4
SHA1

0e60fd0c26909321ba6fbb67402c337d4ab6d6e8
SHA256

1ee836d3bd8b2ba543330c0082afbbc46c2fc49dcb6389fb9cac6a119ddf6e09
SHA512

9125f62c230edee431463b499cf33785b1a0d75cb2934ca77195dafe41e59141957264217f440959196ef809225a60ab50d17a24357b62968368f2525529bfc1
SSDEEP

6144:ii13obqkrW08+xPsZJghxeXOC0pk+2vH6m/SyK9Os3:/+g+xP8jXQprwabTO4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e7dcbc28e3a9432997bbf457bf3e2e4_JaffaCakes118

Files

2e7dcbc28e3a9432997bbf457bf3e2e4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1d1b5bea5a9e49123dd12d8c56261408

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
CloseHandle
GetCurrentProcess
LoadLibraryA
LCMapStringA
ExitProcess
CreateFileA

user32

wsprintfA
SetWindowLongA
CreateWindowExA
CharLowerBuffA
CloseWindow

advapi32

RegDeleteValueA
RegEnumKeyA
RegCreateKeyA
RegDeleteKeyA
RegSetValueA
RegCloseKey
RegOpenKeyA
RegEnumValueA
RegQueryValueA

Sections

.text
Size: 252KB - Virtual size: 256KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 13B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ