f87835ff265b881aa04fc65f21a8facb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f87835ff265b881aa04fc65f21a8facb_JaffaCakes118
Size

51KB
MD5

f87835ff265b881aa04fc65f21a8facb
SHA1

8982f20108d9aae3ec158a7e02650109020ce678
SHA256

ed85b6aa592266a95ee68756f8a8608bb112aeb67b1161fbc5b2ca2e7a1bc939
SHA512

32840f3ca139ba3056f6bedbeb15419b57f9980f30e70490afcc70e84fb39508c2d59ec21de7149364d5f2b36c391cb361d101a62ae349322de0c821e1f93a72
SSDEEP

768:+uQQfUG8l70wHAfBzEnQPVvGhW3ts12g1eoWf+Yi/AybEci+NzoAVtPDf0IEj:9F40/ZQQtehK+3eBmYi/JDdlFf0Tj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f87835ff265b881aa04fc65f21a8facb_JaffaCakes118

Files

f87835ff265b881aa04fc65f21a8facb_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d394cb3bbfbd434e843fc682a6df2cff

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptAcquireContextW
RegEnumKeyExA
RegCreateKeyExA
CryptCreateHash
CryptDestroyHash
GetUserNameW
RegSetValueExA
DuplicateTokenEx
CryptHashData

kernel32

GetSystemTime

shlwapi

wvnsprintfW
PathFindFileNameW
wnsprintfA
wnsprintfW
PathMatchSpecW
StrCmpNIW
PathFileExistsW
PathCombineW
SHDeleteKeyA
StrStrW

Sections

.pgbst
Size: 41KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.szynux
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ncnef
Size: 5KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ