Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_b9015d7005917e7b3b7dd9e46471e597.exe
Resource
win10v2004-20250314-en
General
Target
JaffaCakes118_b9015d7005917e7b3b7dd9e46471e597
Size
248KB
MD5
b9015d7005917e7b3b7dd9e46471e597
SHA1
d8a3ba08a7e163135a0a1bcc0a5963f936e659b2
SHA256
16ce5561a44924ae8299cac899ed24c212d93a7b273a183a5a66880769424b18
SHA512
99d90f41c54b2c903dec8037d23702396c5950a03a1b8825202c2e47d775dcf1bd346f356e5739ab5c54fbae7f5ac4c70089e21f94daf20e17607b9e0c496f3d
SSDEEP
6144:p08ln3ce15OV6K4zf2xWOL+jHBlTQB+xWHyGLc:pL5qQ+xWOLIHBlTc+xgc
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_b9015d7005917e7b3b7dd9e46471e597
Files
JaffaCakes118_b9015d7005917e7b3b7dd9e46471e597.exe windows:4 windows x86 arch:x86
a66f55ecca0755f853eb0b022cb3e20b
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
ExitProcess
CloseHandle
GetCurrentProcess
CreateFileA
LoadLibraryA
LCMapStringA
user32
CharLowerBuffA
CloseWindow
SetWindowLongA
wsprintfA
CreateWindowExA
advapi32
RegSetValueA
RegEnumValueA
RegDeleteValueA
RegCreateKeyA
RegEnumKeyA
RegOpenKeyA
RegQueryValueA
RegCloseKey
RegDeleteKeyA
Sections
.text Size: 225KB - Virtual size: 228KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 28KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 4KB - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ