Static task: static1
Behavioral task: behavioral1
Sample: 422df0e26fb9b8160b6214990d40937b_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 422df0e26fb9b8160b6214990d40937b_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 422df0e26fb9b8160b6214990d40937b_JaffaCakes118
Size: 53KB
MD5: 422df0e26fb9b8160b6214990d40937b
SHA1: d446bbf6f0029691d0aa7a7dba3d91f948f4300d
SHA256: b832c9f259ab9f60ebed685c638e68e03ece1bcbc1c646f33f9f8ec4175cb8f9
SHA512: 332d755a3d9f741b5e1a99e0835c07b8df4fae4609bbc4d6d9ca7fac1d073d141f103eb4ed0c55c0e423d5408c50a11c72cfe3bc1aae983e96cb638a85702641
SSDEEP: 768:i06HxX/yhqTK/s0PnyQgAWInJAgKTK/kIRcQ5m9VO1F3PfD:i06Xa6K/s0POAWIh8K8J9VOv3Pr
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 422df0e26fb9b8160b6214990d40937b_JaffaCakes118
Files
422df0e26fb9b8160b6214990d40937b_JaffaCakes118.exe windows:5 windows x86 arch:x86
320e249ef0fd36f0eafe60acb91a00c9
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
DuplicateTokenEx
kernel32
FindFirstFileW
shlwapi
PathCombineW
PathFindFileNameW
PathMatchSpecW
PathRemoveFileSpecW
StrCmpNIA
StrCmpNIW
StrStrW
wnsprintfA
wvnsprintfA
wvnsprintfW
user32
CloseDesktop
DrawIcon
GetDlgItem
GetDlgItemTextA
GetKeyboardState
GetMessageA
GetWindowThreadProcessId
PeekMessageA
SetProcessWindowStation
Sections
.bed Size: 43KB - Virtual size: 62KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.fst Size: 2KB - Virtual size: 5KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rap Size: 6KB - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ