4d827311e46378462003e51a17ad8d3c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4d827311e46378462003e51a17ad8d3c_JaffaCakes118
Size

51KB
MD5

4d827311e46378462003e51a17ad8d3c
SHA1

d5253068f1b0ed21761a4f9b44541e5ed4601480
SHA256

3c29bea1f8a54b49f5cb04516fd8c817fcc608b98e4b1655a69dd587d974abfe
SHA512

9b93537f5f709846d3a3e7db8d43f85330decb0883dc1911285734f4e67ad5788ab4a0f2ceba3209f56646c9c7bf0c0d4fb6985753bd7aa7fb99ff3c40760e55
SSDEEP

1536:VQvgTu1MjLQEgkOygebJ9duNUAdOPjG1HpX1:avMu1MwTkO9CJnFPqh1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d827311e46378462003e51a17ad8d3c_JaffaCakes118

Files

4d827311e46378462003e51a17ad8d3c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0a89cbeebda7f358ab704580839e29fb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

advapi32

CryptAcquireContextW
CryptDestroyHash
CryptHashData
GetUserNameW
RegEnumKeyExA
RegSetValueExA

shlwapi

PathCombineW
PathMatchSpecW
StrCmpNIA
StrCmpNIW
wnsprintfW
wvnsprintfA
wvnsprintfW

user32

CloseDesktop
DrawIcon
EndDialog
GetForegroundWindow
GetMenuItemID
GetWindowTextA
MsgWaitForMultipleObjects
SendMessageA
SetThreadDesktop

Sections

.wtilet
Size: 42KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmzex
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nwrmj
Size: 5KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ