2e060ee6d9ede027f6115cdcbaa3200a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2e060ee6d9ede027f6115cdcbaa3200a_JaffaCakes118
Size

51KB
MD5

2e060ee6d9ede027f6115cdcbaa3200a
SHA1

1d184db5fae633cb863f203cf3a3168021ca52eb
SHA256

769a3c2ca2141bd303a447b84e47bb4e117016ce0335118df90a4ca29e633c9c
SHA512

11c139bbbc6fa8fcf5c56c8e8768b3abee572187747cc0a62b282f4b2a19223780c324d29edd3d7dcfc77a799eb83033aa1e014f2c4508c2a93f0b6360ffcb95
SSDEEP

1536:JstMykb+/Rlz1+rJ9Zjv6hftZiNJU/1nmm4Zv3uB:Js1ki/Pz1kJ9IhfeJU/1nmJ2B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e060ee6d9ede027f6115cdcbaa3200a_JaffaCakes118

Files

2e060ee6d9ede027f6115cdcbaa3200a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4b6f85ca1438debd1da9f03247fc4fc3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

advapi32

CryptAcquireContextW
CryptDestroyHash
GetUserNameW
RegCreateKeyExA
RegEnumKeyExA
RegSetValueExA

shlwapi

PathFileExistsW
StrCmpNIA
StrCmpNIW
wnsprintfA
wnsprintfW
wvnsprintfA
wvnsprintfW

user32

CharLowerBuffA
FindWindowExA
GetIconInfo
GetWindowThreadProcessId
OpenDesktopA
OpenWindowStationA
PeekMessageA
SetMenuItemInfoW
SetProcessWindowStation

Sections

.lybkb
Size: 42KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rkr
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lej
Size: 5KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ