2fcc6da2debdfacf11c8cb8b7a3ee41d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2fcc6da2debdfacf11c8cb8b7a3ee41d_JaffaCakes118
Size

365KB
MD5

2fcc6da2debdfacf11c8cb8b7a3ee41d
SHA1

be70da67015945e209e8a1e8d451e3b4fae4b7d5
SHA256

b176c5b0d660ef361f661bc52bd16641e53baba04221705ed6e68ad67e5f9b1b
SHA512

8f29d53c0f9bdfeee01b9e53b2473fbef589c6ff9e463236c9bfcc1537fcdb0aff461ced7b17b3b3bf343a091cc888a06f1f7ae0a799240bc0aea39258233a1b
SSDEEP

6144:Gd39iA6v4adskWaiixEemdrPhr8swQvkRu1fPtKVu6k5KdGfawiKOvIFCmYiDzlj:e93i4CacEJgsw5Syy4GZfDRZj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2fcc6da2debdfacf11c8cb8b7a3ee41d_JaffaCakes118

Files

2fcc6da2debdfacf11c8cb8b7a3ee41d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d52e1f4bf9f952e5675eb882383cd03b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
CreateFileA
LoadLibraryA
LCMapStringA
CloseHandle
GetCurrentProcess
ExitProcess

user32

CharLowerBuffA
SetWindowLongA
wsprintfA
CreateWindowExA
CloseWindow

advapi32

RegCreateKeyA
RegCloseKey
RegOpenKeyA
RegDeleteKeyA
RegDeleteValueA
RegEnumValueA
RegSetValueA
RegQueryValueA
RegEnumKeyA

Sections

.text
Size: 280KB - Virtual size: 284KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ