f4ea20fe360a7ecdfae10dbcb3d47d05_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f4ea20fe360a7ecdfae10dbcb3d47d05_JaffaCakes118
Size

48KB
MD5

f4ea20fe360a7ecdfae10dbcb3d47d05
SHA1

b3d2e84cad8f4de46058ddca7fd5a6054b070179
SHA256

3e1074a86f76398404d7fff6b76a060e44ddd363866c65719d43c7441b0cf67a
SHA512

013d8542377d2ad3a62b3fb41602a0661daa61dd9745e6f1418147c9f8a2c16fa88f122e56b555f2959972f05e08f998bd3dcc556ba0efb2d5491fccc2914b3d
SSDEEP

768:1lndIrhfSlGcB2JOW2vYGU7zLydkN8MWmvAlnQr7VHGuZVgFeuOPrSRSO:zd6SIUOfh7zLth/Aq/VHGuHgoAgO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f4ea20fe360a7ecdfae10dbcb3d47d05_JaffaCakes118

Files

f4ea20fe360a7ecdfae10dbcb3d47d05_JaffaCakes118
.exe windows:5 windows x86 arch:x86

dbae3697f50756006de48e367e47b279

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
CryptCreateHash
DuplicateTokenEx
RegQueryValueExA
RegDeleteValueA
CryptGetHashParam
CryptReleaseContext
CryptHashData

shlwapi

wvnsprintfA
PathFileExistsW
StrCmpNIW
PathFindFileNameW
StrCmpNIA
StrStrW
PathRemoveFileSpecW
SHDeleteKeyA
PathCombineW
wvnsprintfW
wnsprintfW
PathMatchSpecW

Sections

.gxgnyx
Size: 39KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.efqj
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.udyh
Size: 5KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ