3b46acc132202141de53171bf2e65373_JaffaCakes118 | Triage

Sharing

General

Target

3b46acc132202141de53171bf2e65373_JaffaCakes118
Size

46KB
MD5

3b46acc132202141de53171bf2e65373
SHA1

1bffaf1ec86432915b98012e67ac9055a5e0ba13
SHA256

b038a4f711ca879685f5ed1c1634c0a42d72d33c6f2756ddcfa1f5718e5c848e
SHA512

9adab53dea6f9d0f07f87695205f9f3c8f991e2fcf06d91987a38d6429e4f7a84fb43ed16877ba0a1c908e47c98432fbe70735a40c6738ed03b3c968fd746cec
SSDEEP

768:uULJeCyuz9wBNA7rzDjPDF+DPA2ENUToJc3anlR6BxbZ/pJPWexDAbWL/UkQZc:u4eU5hHjbF+s3jlgjBxWeDAblZZc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b46acc132202141de53171bf2e65373_JaffaCakes118

Files

3b46acc132202141de53171bf2e65373_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1aa9a4bc1609ba7f2b4ad3913d227955

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrCmpNIA
PathRemoveFileSpecW
SHDeleteKeyA
PathMatchSpecW
wvnsprintfA
wvnsprintfW
PathFileExistsW
PathFindFileNameW
StrStrW
StrCmpNIW
wnsprintfA
wnsprintfW
PathCombineW

advapi32

RegQueryValueExA
CryptGetHashParam
RegCloseKey
CryptCreateHash
CryptReleaseContext
RegDeleteValueA
DuplicateTokenEx

Sections

.ynwbyr
Size: 36KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cfkt
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xgr
Size: 5KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ