Sample: 3b773072862e665b425f31d80e33c427_JaffaCakes118.exe
Resource: win7-20240903-en
General
Target: 3b773072862e665b425f31d80e33c427_JaffaCakes118
Size: 312KB
MD5: 3b773072862e665b425f31d80e33c427
SHA1: ee097d59e6e69a4660c5e47a88d97f9e63ea2a82
SHA256: 13089b419f5505b584a5f00ccbb49bf7a446d2c3a8e067b48e90e91fbda32d79
SHA512: 71695afe08debcad26e8afa250e0fcbeada16752494dfbe050f1a0fc6aaf25f3da061a52afddc8785a241da25ba26983114c0bd60451e7fac3e71bb1d27dd5e1
SSDEEP: 6144:Dil36LKaFM+R5gUvdtwzMsYfDnGJ52cwCrf936FuPm2zpwCFCKEDXUqfe:DiBaSo5gUvdMMFKJm4l3suPmlC7qe
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3b773072862e665b425f31d80e33c427_JaffaCakes118
Files
3b773072862e665b425f31d80e33c427_JaffaCakes118.exe windows:4 windows x86 arch:x86
63b266a7dd2656e27fc44d2d04f2ec24
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
ExitProcess
GetCurrentProcess
CloseHandle
CreateFileA
LoadLibraryA
LCMapStringA
user32
wsprintfA
CloseWindow
SetWindowLongA
CharLowerBuffA
CreateWindowExA
advapi32
RegQueryValueA
RegCreateKeyA
RegDeleteKeyA
RegDeleteValueA
RegSetValueA
RegEnumValueA
RegCloseKey
RegEnumKeyA
RegOpenKeyA
Sections
.text Size: 270KB - Virtual size: 272KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ