07105664cdb3478ac30839ec5f07ccff_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

07105664cdb3478ac30839ec5f07ccff_JaffaCakes118
Size

48KB
MD5

07105664cdb3478ac30839ec5f07ccff
SHA1

8cf167cd2da996f789981e20856f4ab40d103fdd
SHA256

409ce2f88da66e3e2705f5038ca352183b5eed2a38e1458f5c2eb6f61a909c72
SHA512

ff28e7b09b03b94ff32741cfed3895a0db3f2950a1e8cb6b316af92e59ab23d83671d84dd6eec81afd00d39b0803e9d8024a63c234e8f98f0641d2498e145134
SSDEEP

1536:7ST8JoGqz6z2yIr43lScv1AJsWzLd7unho:7PJGz6z2yx3lHOSWao

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07105664cdb3478ac30839ec5f07ccff_JaffaCakes118

Files

07105664cdb3478ac30839ec5f07ccff_JaffaCakes118
.exe windows:5 windows x86 arch:x86

96be527a2b976bc7cfca4a01d49e1fcb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptGetHashParam
DuplicateTokenEx
RegDeleteValueA
RegCloseKey
RegQueryValueExA
CryptCreateHash
CryptReleaseContext

shlwapi

wnsprintfW
PathCombineW
PathFindFileNameW
wvnsprintfW
wvnsprintfA
StrCmpNIW
wnsprintfA
SHDeleteKeyA
PathRemoveFileSpecW
StrStrW
PathMatchSpecW
PathFileExistsW
StrCmpNIA

Sections

.dynsj
Size: 39KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.yduh
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.czsfwj
Size: 5KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ