0193980cc0a9887a759921ce3cf70a14_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0193980cc0a9887a759921ce3cf70a14_JaffaCakes118
Size

45KB
MD5

0193980cc0a9887a759921ce3cf70a14
SHA1

fc91c76dca08d7d8f09312146827b0c839a3755e
SHA256

613d91acc087960eaebea2f1d066040f0bbcd123174b2529fd9bd4ebe8d22c3e
SHA512

9a0d2a324bfd200a16b87c4a3583438d852b8172607c962e1b675075d0bcd3697ed0acc71be11936cbe463cd6e3dfc1362c2662dbea2b2878d8b60b845cf57dd
SSDEEP

768:UeJ2Abv/oHo/AJJ4RYrcwIHZIPQwREzVRzXTFW+TJkHOYwmvvv8eXw6v7F98q72:GooJ+WJ0ZzwREz/FW+TJkVwiseg6vhZK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0193980cc0a9887a759921ce3cf70a14_JaffaCakes118

Files

0193980cc0a9887a759921ce3cf70a14_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0174a0c4f8927382bfbef2093eae2bab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExA
RegCloseKey
CryptGetHashParam
CryptCreateHash
RegDeleteValueA
CryptReleaseContext
DuplicateTokenEx

shlwapi

wnsprintfA
SHDeleteKeyA
PathMatchSpecW
wvnsprintfA
PathRemoveFileSpecW
StrCmpNIA
wnsprintfW
wvnsprintfW
StrStrW
StrCmpNIW
PathFindFileNameW
PathCombineW
PathFileExistsW

Sections

.evslaf
Size: 36KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mnyt
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fibad
Size: 5KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ