Static task
static1
Behavioral task
behavioral1
Sample
17da43fa3d7d3b567beacc49bb5448b3_JaffaCakes118.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
17da43fa3d7d3b567beacc49bb5448b3_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
Target
17da43fa3d7d3b567beacc49bb5448b3_JaffaCakes118
Size
50KB
MD5
17da43fa3d7d3b567beacc49bb5448b3
SHA1
b051c5c573566b1176d2969702dfe7e58cc52186
SHA256
6a68a1eb746f343eb2d749e7c6711efab0843c1810a42efade1e46b37b5be0a2
SHA512
aa067f788a6e7951aae83c1b2338c134e31dbe7f222bba867467a599844c92c2d810b092a2da70217a9b237e4e88c3fbfd9ea1cad0cb12d84c2f1fae1401368f
SSDEEP
768:qlslz8LONVSV5bkxi6065+Z65w+XZISMUJeKXesaOS58hIOfevePRsJCYME:q0IO0k/0bIZVMYeBsEGI/aRwC8
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 17da43fa3d7d3b567beacc49bb5448b3_JaffaCakes118
Files
17da43fa3d7d3b567beacc49bb5448b3_JaffaCakes118.exe windows:5 windows x86 arch:x86
108495bc7698b5d3e80e21b49081a077
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetTimeZoneInformation
shlwapi
PathFileExistsW
PathFindFileNameW
SHDeleteKeyA
StrCmpNIA
StrCmpNIW
wnsprintfA
wvnsprintfA
wvnsprintfW
user32
CharUpperW
DrawIcon
FindWindowExA
GetCursorPos
GetIconInfo
GetMessageA
GetWindowLongA
MsgWaitForMultipleObjects
OpenDesktopA
OpenWindowStationA
PeekMessageA
SetThreadDesktop
ToUnicode
Sections
.whafwd Size: 40KB - Virtual size: 59KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gnqhev Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tqvwb Size: 5KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ