Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_18f99a12f22126a4ccd0cdc73b4b792e.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
JaffaCakes118_18f99a12f22126a4ccd0cdc73b4b792e.exe
Resource
win10v2004-20241007-en
General
Target
JaffaCakes118_18f99a12f22126a4ccd0cdc73b4b792e
Size
392KB
MD5
18f99a12f22126a4ccd0cdc73b4b792e
SHA1
4e64be6fdb8402e67aedc25af50b350f556bd55c
SHA256
38f82b6ce1dea5169ddfffba456d12a7858301e700dad4b792c4757e488a01cf
SHA512
fc27c18023265cf3afe0962df46119ef0b5d114c363f2f61428cdb508a69bbd20e1688c9f8307f4b6b9ea17d54e174ada46c9b613d298303af2b4f9d7dbc9875
SSDEEP
6144:bcMqWu2qQ8N1UUJvAO03vM/6DBsKZfD0X8OoDntRVBdyXj6eyGirXGzYMUrt:QM82qQ8BAH3E/iBsxotRxC2t
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_18f99a12f22126a4ccd0cdc73b4b792e
Files
JaffaCakes118_18f99a12f22126a4ccd0cdc73b4b792e.exe windows:4 windows x86 arch:x86
e779204ffaffcad62f0d66c0385ca8e7
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
LCMapStringA
CloseHandle
GetCurrentProcess
CreateFileA
LoadLibraryA
ExitProcess
user32
CreateWindowExA
CloseWindow
CharLowerBuffA
SetWindowLongA
wsprintfA
advapi32
RegEnumKeyA
RegQueryValueA
RegEnumValueA
RegOpenKeyA
RegCreateKeyA
RegSetValueA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
Sections
.text Size: 370KB - Virtual size: 372KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 4KB - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ