63c995dfb767ef77aed3bd303c5da34f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

63c995dfb767ef77aed3bd303c5da34f_JaffaCakes118
Size

45KB
MD5

63c995dfb767ef77aed3bd303c5da34f
SHA1

5aceda495c5d3eafddb01a8a2a65bf41376524db
SHA256

a8077817cd41e40186f41319e770eab295ae6b8b09877ad74994a724d6a511f1
SHA512

ae59aa7248bdba32b017e3eb567f08ade8562af6af48466d47d249f41e9636764fd934f435e1066488a7b431a06a2a76cc35acdfa8b7df4e294630397ab19ae7
SSDEEP

768:AKYvGyesCBIoU/EzMUHP78ANE+DQsRs/FsdiOwf+KOhOXuouy:AKkeBBIHcuA8rFNgKOZk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
63c995dfb767ef77aed3bd303c5da34f_JaffaCakes118

Files

63c995dfb767ef77aed3bd303c5da34f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

58adf83fb48e5f57283fa01d9bd80cdb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptReleaseContext
DuplicateTokenEx
RegCloseKey
CryptGetHashParam
RegDeleteValueA
RegQueryValueExA
CryptCreateHash

shlwapi

wvnsprintfW
PathMatchSpecW
PathRemoveFileSpecW
StrCmpNIW
PathCombineW
wnsprintfA
StrStrW
wvnsprintfA
StrCmpNIA
wnsprintfW
PathFindFileNameW
SHDeleteKeyA
PathFileExistsW

Sections

.dglct
Size: 36KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.czuxcr
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wxcx
Size: 5KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ