JaffaCakes118_0190f7b16d0ee5d2b081e73203e17ce4 | Triage

Sharing

General

Target

JaffaCakes118_0190f7b16d0ee5d2b081e73203e17ce4
Size

684KB
MD5

0190f7b16d0ee5d2b081e73203e17ce4
SHA1

feb0ded0bbbf5d20f75467fcc40c50394f5d3f0e
SHA256

6db036bca5f6e4bf557f27b9a03d0d884600b740db2fe5c3536428cfed894d98
SHA512

8574aeb44c2cfad7acfde9dfc557e1b2dbe3509811ae937c7f02295c681443f630c78055184ebc08656948c224c25f06cf0a6cffa922a865884d86ca33d9b451
SSDEEP

12288:AN43KyDXA1LMid5D56w15CioScj3+Rv0OTfbKTPzxe3tKij7Lgm96e4ZOToxqMdS:ANAzA1VDD5n152j3GsjTPktKij7cjeP9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_0190f7b16d0ee5d2b081e73203e17ce4

Files

JaffaCakes118_0190f7b16d0ee5d2b081e73203e17ce4
.exe windows:4 windows x86 arch:x86

6a2d9ac746e7be01804252b63e7a2b4d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
CloseHandle
GetCurrentProcess
ExitProcess
LoadLibraryA
CreateFileA
LCMapStringA

user32

CharLowerBuffA
CloseWindow
CreateWindowExA
wsprintfA
SetWindowLongA

advapi32

RegEnumValueA
RegCreateKeyA
RegEnumKeyA
RegOpenKeyA
RegSetValueA
RegDeleteValueA
RegDeleteKeyA
RegCloseKey
RegQueryValueA

Sections

.text
Size: 566KB - Virtual size: 568KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 228KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 57B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ