eb4c5dab9267303c604275d45670a8f0_JaffaCakes118 | Triage

Sharing

General

Target

eb4c5dab9267303c604275d45670a8f0_JaffaCakes118
Size

45KB
MD5

eb4c5dab9267303c604275d45670a8f0
SHA1

f5a2c55fe9a7bc5e56a63b167326a4cf0364adef
SHA256

c2f3d3d7e35dc384461a1d7a8707521edff206212869cfbf913fa7684fadba1a
SHA512

20cefe85c89de6bdc4f82d5be60deea25fa8ae0f1debbb1e4180b4e62eba54e62b640e43542988491769ecb618371bd8ae183a19e224f7136ed13663c467d2c5
SSDEEP

768:ofRwnJp0+ynBB2QHYVgUz5aUjdtGjDq0dsUB6RNr:s40ZBkhAJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eb4c5dab9267303c604275d45670a8f0_JaffaCakes118

Files

eb4c5dab9267303c604275d45670a8f0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1d1f9f4df0a1bfd179ac825f40e4cf4a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExA
CryptGetHashParam
RegCloseKey
DuplicateTokenEx
CryptReleaseContext
CryptCreateHash
RegDeleteValueA

shlwapi

PathRemoveFileSpecW
PathCombineW
wnsprintfW
wnsprintfA
wvnsprintfW
PathFileExistsW
StrCmpNIW
PathMatchSpecW
wvnsprintfA
StrStrW
StrCmpNIA
SHDeleteKeyA
PathFindFileNameW

Sections

.dibev
Size: 36KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vkv
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.joh
Size: 5KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ