Static task: static1
Behavioral task: behavioral1
Sample: 41664ad29a3005af682e9e03dc5214d1_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 41664ad29a3005af682e9e03dc5214d1_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 41664ad29a3005af682e9e03dc5214d1_JaffaCakes118
Size: 48KB
MD5: 41664ad29a3005af682e9e03dc5214d1
SHA1: ffd59505f6c3c4e524c529f5166d1c3d65edb43c
SHA256: 1597a8529e7eee5611448a647e7cf16de21d14629f25fd89739bd57ad0e54e4b
SHA512: 8a3a4d8ad5c15a874d9585c306384959ee65f358aa3249b739fd281ad27f18cbc8077fc8d46a548c2603018a074c03dd9defb4076adf029a8ce35921a6cd04a7
SSDEEP: 768:ECSuv4FyjIyFJAtxll1MpZ+gZ6fbMcWKUQeOTgEyqx7zqUV75v2dZc8J1oK47qJa:xk5uel1MqgQf4cWdKxx7zPVQdZjoKK5
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 41664ad29a3005af682e9e03dc5214d1_JaffaCakes118
Files
41664ad29a3005af682e9e03dc5214d1_JaffaCakes118.exe windows:5 windows x86 arch:x86
79157e29b616699f405ae02fd5e470b0
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32: CryptReleaseContext
kernel32: lstrcatA
shlwapi: PathCombineW, PathFindFileNameW, PathMatchSpecW, PathRemoveFileSpecW, SHDeleteKeyA, StrCmpNIW, wnsprintfA, wvnsprintfW
user32: CharLowerBuffA, ExitWindowsEx, GetClipboardData, GetCursorPos, GetDlgItemTextA, GetIconInfo, LoadCursorA, OpenDesktopA, OpenWindowStationA, SendMessageA, SetProcessWindowStation
Sections
.wpsb Size: 39KB - Virtual size: 57KB
    IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.ovslup Size: 1KB - Virtual size: 4KB
    IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.hsj Size: 5KB - Virtual size: 72KB
    IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 4KB
    IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ