190be2c1fa95ca319c1e08ad45058b77_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

190be2c1fa95ca319c1e08ad45058b77_JaffaCakes118
Size

46KB
MD5

190be2c1fa95ca319c1e08ad45058b77
SHA1

982a991cadfbe0f3aa32e09c5b8f034bcf90762a
SHA256

a5cc5b0e931bdb28ac650196c14001cc97d87909f41d195735d0fdc1362c4191
SHA512

4119bba1a5048a4327067e455460e25f9352ab631282cf6fbedb9f65176448386839ad22701cd2a823f37cc45be497d8cd6b89d304b60cd8d4d9fb22311a6b6b
SSDEEP

768:dGDvaATMAu9wR5xFDvfaVjcIgbF64kyIXCr5Xt/RSuqSsFSpNcaTWy:4DRbu92vFzfMgRxFCk52h3UpNzTp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
190be2c1fa95ca319c1e08ad45058b77_JaffaCakes118

Files

190be2c1fa95ca319c1e08ad45058b77_JaffaCakes118
.exe windows:5 windows x86 arch:x86

27718ddf38209305d7b9d66aa88c5e08

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

wnsprintfA
StrCmpNIA
PathMatchSpecW
PathFindFileNameW
PathFileExistsW
wnsprintfW
StrStrW
PathRemoveFileSpecW
StrCmpNIW
wvnsprintfA
wvnsprintfW
PathCombineW
SHDeleteKeyA

advapi32

RegDeleteValueA
RegQueryValueExA
DuplicateTokenEx
CryptGetHashParam
RegCloseKey
CryptCreateHash
CryptReleaseContext

Sections

.mnmd
Size: 36KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ozel
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zax
Size: 5KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ