Static task
static1
Behavioral task
behavioral1
Sample
f084642c87c73fdd63c541d98a849978_JaffaCakes118.exe
Resource
win7-20240903-en
General
Target
f084642c87c73fdd63c541d98a849978_JaffaCakes118
Size
392KB
MD5
f084642c87c73fdd63c541d98a849978
SHA1
7b5df50ebd8b15a7b65756e5cc5de9ac5bab950f
SHA256
de088820c686e3ac15d136e56e886a10307f94a445f3f1f799ea1bf1de2a32c9
SHA512
44e20ffefdf9cbfaa6eceb5f2c9d60876df62100b6c4d229a8eb14863204961281131605c9832a1ca1c4c2310e85b911dcb28d600c491515543de9af97584317
SSDEEP
6144:j9728cvwlNoGv7Kg4lt/XiULMZBtud/DYpKcK81bEAYSvKmz/RVdPaCD:hi8siNoGkpMZBg9DYpKyIALvKWJVdbD
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f084642c87c73fdd63c541d98a849978_JaffaCakes118
Files
f084642c87c73fdd63c541d98a849978_JaffaCakes118.exe windows:4 windows x86 arch:x86
7f164512da5535f5e937bf875e8cab29
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
CloseHandle
GetCurrentProcess
LoadLibraryA
ExitProcess
CreateFileA
LCMapStringA
user32
CharLowerBuffA
wsprintfA
SetWindowLongA
CloseWindow
CreateWindowExA
advapi32
RegDeleteValueA
RegEnumKeyA
RegOpenKeyA
RegSetValueA
RegCreateKeyA
RegCloseKey
RegQueryValueA
RegDeleteKeyA
RegEnumValueA
Sections
.text Size: 369KB - Virtual size: 372KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 4KB - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ