17c3d3028c3a6a9cc5b639c3b7864eaa_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

17c3d3028c3a6a9cc5b639c3b7864eaa_JaffaCakes118
Size

207KB
MD5

17c3d3028c3a6a9cc5b639c3b7864eaa
SHA1

c77ed3035f5e0ca4e288c7da0f2f2726eb96ef45
SHA256

fca22a197a5e3202bbade04312de9d2006d167fd847a8e2151e488d701b44501
SHA512

b7c1e5b1d8121af46816c997c00c46abb8e5a416e49ddcd1a02b8290c93220a78ef1aa78524b51fea5177900f6f2205b635c30ae82a0cadbd73a5053073903c2
SSDEEP

3072:rA/skra924ajN2dcAObVHy/d6lp1YOEUQ20zMluKsu2cp8RHRwOA7ahZVI:U5P4ajN2dcxVRlvYOERM24pER5hZG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17c3d3028c3a6a9cc5b639c3b7864eaa_JaffaCakes118

Files

17c3d3028c3a6a9cc5b639c3b7864eaa_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e399161ab0ea70e8f4e7647307ddbe5e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExA
RegCloseKey
GetPrivateObjectSecurity
IsTextUnicode
LogonUserA

kernel32

CreateFileW
ReadFile
CloseHandle
CreateFileA
RemoveDirectoryA
SetConsoleMode
HeapSize

Sections

.abol
Size: 34KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hsf
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nav
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nqf
Size: 1024B - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE