2ad7c665895b8e5895ff13e738c9abaa_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2ad7c665895b8e5895ff13e738c9abaa_JaffaCakes118
Size

41KB
MD5

2ad7c665895b8e5895ff13e738c9abaa
SHA1

b1453350c78146e5e602b1a6fbead0f136366758
SHA256

f3483ed0410853cb9a2550756143658a56e7721da833843b56181299eadcd06f
SHA512

abd6a79681c5e1e2387fbad9bf6c44240cb61a18d99caa3586611f426d44d49f641fbc4cdea6e4956c361150c649fbbca96ce73f3a0647eedb117347668b4604
SSDEEP

768:hUJnTyiAuHpQbocJybU1IibxZvyzGzG1qPK2iCdSDd4dsWoRojrh:hI1jQb+b3ibxZ6qPKVDdksWgQh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ad7c665895b8e5895ff13e738c9abaa_JaffaCakes118

Files

2ad7c665895b8e5895ff13e738c9abaa_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e399161ab0ea70e8f4e7647307ddbe5e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExA
RegCloseKey
GetPrivateObjectSecurity
IsTextUnicode
LogonUserA

kernel32

CreateFileW
ReadFile
CloseHandle
CreateFileA
RemoveDirectoryA
SetConsoleMode
HeapSize

Sections

.hsbqd
Size: 34KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xqr
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pcxmz
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xgr
Size: 1024B - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE