3a370be79371499962776162eaa963da_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3a370be79371499962776162eaa963da_JaffaCakes118
Size

51KB
MD5

3a370be79371499962776162eaa963da
SHA1

7d239c278a1c3ee59d8908da892f5f6442ef8dbe
SHA256

607e1363553c79f2128a0cfc7bba8eaf02fdcef8434aea397c274035cbf7f7ed
SHA512

dfbc9ed86cdd085085001d5487be431b9695d488eedfb828e6a9b1ffb3f07f9196ec55edcc883f27ff75e69145cb9e6e1f96282bcfd53eded7f5ad6fc6931e98
SSDEEP

1536:nJCvNX4YuOlxZMoFe8utCBYr2D2L+vGW:wvdtuOlxZ/tirOrGW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a370be79371499962776162eaa963da_JaffaCakes118

Files

3a370be79371499962776162eaa963da_JaffaCakes118
.exe windows:4 windows x86 arch:x86

91c3adc60139cc0f734a7aeb191f5510

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptAcquireContextW
CryptDestroyHash
CryptHashData
GetUserNameW
RegSetValueExA

kernel32

InitializeCriticalSection

shlwapi

PathCombineW
PathFindFileNameW
PathRemoveFileSpecW
StrCmpNIA
StrCmpNIW
StrStrW
wnsprintfA
wvnsprintfA

user32

CharLowerBuffA
CloseWindowStation
GetClassNameA
GetDlgItemTextA
GetKeyState
OpenWindowStationA
PeekMessageA
SendMessageA

Sections

.vuvwx
Size: 43KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gjqf
Size: 1024B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nsb
Size: 5KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ