f7307bab3a7b7b81de35379e16366909_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f7307bab3a7b7b81de35379e16366909_JaffaCakes118
Size

347KB
MD5

f7307bab3a7b7b81de35379e16366909
SHA1

650f93d5a7f390d5b9d6bb22c8e9351d9c5ef07b
SHA256

97a4277b4adf38f0c492ca2b0bf970e3d470bf785f9cf2561a8056fc3487bf99
SHA512

13c8583073dfeadcd6021f14dba3343c702a33bac104382493047a9b8d6e0b037ffb61c279250a93867db3db1d6806dc28101dc7b0b80fdcbdb11afef78aeba5
SSDEEP

6144:pobhcMN285AFfBv9OYStv47q2dkcZZM3F1IGGVMwHoSshGD/wc/LQ:po11/0ctdOSFnG6phGDoc/M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f7307bab3a7b7b81de35379e16366909_JaffaCakes118

Files

f7307bab3a7b7b81de35379e16366909_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a28663f753d2b995e6ba35176d9ef9fa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptGetHashParam

shlwapi

PathCombineW
PathRemoveFileSpecW
SHDeleteKeyA
StrCmpNIA
StrStrW
wnsprintfA
wnsprintfW
wvnsprintfA
wvnsprintfW

user32

CharLowerBuffA
CharUpperA
CloseWindowStation
DispatchMessageA
EndDialog
GetClipboardData
GetDlgItemTextA
GetKeyboardState
GetKeyState
GetWindowTextA
LoadCursorA
SendMessageA

Sections

.rofeb
Size: 40KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pgt
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hun
Size: 5KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ