3c4dedc7bb899c6edc3950f8078d4503_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3c4dedc7bb899c6edc3950f8078d4503_JaffaCakes118
Size

184KB
MD5

3c4dedc7bb899c6edc3950f8078d4503
SHA1

58e98da052d32c1c64a875c41538c1437df3fa07
SHA256

d2eefd04796af46f140a54f41a9f7cc8015c7bbe5eb4005ea58c799634ed0940
SHA512

b934a5306d7043bb96526a3f3ce7288d8ce94f46b26ce085bf2003c808476ce4c612922c951b29a09fa007c3893ef576279f616be1020d051fd16449a08bed82
SSDEEP

3072:8iuN/NkKhMKxeveBMjcKHXuBNrQ7bCnxzznQ1bgPX/bVBjG3+eX:5uN/NrPUvDxWu4zQ1WTVpO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c4dedc7bb899c6edc3950f8078d4503_JaffaCakes118

Files

3c4dedc7bb899c6edc3950f8078d4503_JaffaCakes118
.exe windows:4 windows x86 arch:x86

84ddae4227912ba2a8a36d525b7a98d5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
GetCurrentProcess
CreateFileA
CloseHandle
LCMapStringA
LoadLibraryA
ExitProcess

user32

CharLowerBuffA
CreateWindowExA
CloseWindow
SetWindowLongA
wsprintfA

advapi32

RegCloseKey
RegDeleteValueA
RegEnumKeyA
RegEnumValueA
RegQueryValueA
RegSetValueA
RegCreateKeyA
RegOpenKeyA
RegDeleteKeyA

Sections

.text
Size: 161KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ