Static task
static1
Behavioral task
behavioral1
Sample
a5f4ea97d1b6428a43ed4b48225e9d5c_JaffaCakes118.exe
Resource
win7-20241010-en
General
Target: a5f4ea97d1b6428a43ed4b48225e9d5c_JaffaCakes118
Size: 628KB
MD5: a5f4ea97d1b6428a43ed4b48225e9d5c
SHA1: f54ac91fa154415b14708782c1015a1649e9be3a
SHA256: 36a00938b8da0b8b84f38c8f9b0eac351b7433293fe402d39c29331e20700426
SHA512: 5f14b0a765c44a0e4665bb11f413139ee56a1641d24c226ef018be72b78b21eada7a56ec5a7bed1057a08c4f782270be64818b6412b749a51b93cbb970765b09
SSDEEP: 12288:YhbFKoVvJFVNNsEfzfChUSz+fy68QwqpU9wO8UpZX63xNYs:YvKIJXrfCSJV8MswOmNt
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a5f4ea97d1b6428a43ed4b48225e9d5c_JaffaCakes118
Files
a5f4ea97d1b6428a43ed4b48225e9d5c_JaffaCakes118.exe windows:4 windows x86 arch:x86
9899bd6b237fe8d600712efb05cc8a42
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
CloseHandle
GetCurrentProcess
ExitProcess
LoadLibraryA
CreateFileA
LCMapStringA
user32
CreateWindowExA
CharLowerBuffA
CloseWindow
wsprintfA
SetWindowLongA
advapi32
RegDeleteKeyA
RegCreateKeyA
RegDeleteValueA
RegSetValueA
RegCloseKey
RegOpenKeyA
RegEnumValueA
RegEnumKeyA
RegQueryValueA
Sections
.text Size: 574KB - Virtual size: 576KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 160KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 4KB - Virtual size: 57B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 36KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ