29dae2c90fcf6ef6bbd813007ea2aa69_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

29dae2c90fcf6ef6bbd813007ea2aa69_JaffaCakes118
Size

52KB
MD5

29dae2c90fcf6ef6bbd813007ea2aa69
SHA1

c6891227447449cac0a8db84ec8c2899dbe7a98b
SHA256

096c1b97fb31bb1274472f308f52361aa3953ad76a484979c3cb37ba6c5c2e30
SHA512

1ae47e541758f077a7b0b0eb073a94cafc15660d5d80008a3e39692e203fe5f14d16c6a369dc8f3f9a348063687bd95764e706ac4bb217da7d4714da82cf5004
SSDEEP

768:Z/VQzC556xc3whhfXyAs+Q1l9qlWVVLJFnznVtdTKrsFYp4eXO6nbcGXz3:9ei56xc32fLKT9qq99VzuriYiy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29dae2c90fcf6ef6bbd813007ea2aa69_JaffaCakes118

Files

29dae2c90fcf6ef6bbd813007ea2aa69_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d5ae1c93c77fa5d69abb52d1b6bdd405

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptReleaseContext

kernel32

InitializeCriticalSection

shlwapi

PathFileExistsW
PathFindFileNameW
PathRemoveFileSpecW
SHDeleteKeyA
StrCmpNIA
StrCmpNIW
wnsprintfW

user32

CloseWindowStation
FindWindowExA
GetClassNameA
GetDlgItem
GetForegroundWindow
GetKeyboardState
GetWindowTextA
LoadCursorA
MsgWaitForMultipleObjects
OpenWindowStationA
SendMessageA
SetProcessWindowStation

Sections

.sjohkr
Size: 42KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.snwdix
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zwn
Size: 6KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ