Static task: static1
Behavioral task: behavioral1
  Sample: 73e3e273606355bbba70cae21fa22f37_JaffaCakes118.exe
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: 73e3e273606355bbba70cae21fa22f37_JaffaCakes118.exe
  Resource: win10v2004-20240709-en
General
  Target: 73e3e273606355bbba70cae21fa22f37_JaffaCakes118
  Size: 48KB
  MD5: 73e3e273606355bbba70cae21fa22f37
  SHA1: b5cf575b3734d1c2aacbf288ee9a3af8463a21da
  SHA256: fc6d436755e6f68dcb95596dcea3ce097a4fbe30fc7bd5ca99fa20953f835831
  SHA512: e5b51c20351369d746db912154b2c214628f7309f0527a349c3dfd3a6114682b8fc11ff1af8c053a056b3482a3e2c514522f6d982a5753d601fa9c93281e6573
  SSDEEP: 768:v21xbXIqetknR/pSGZb61VAOgvXWBd+needr3kEhN+++MIbB8kyejvqmHzYQQdiv:+HIHkRREy7vG3AdA53dFDbHuditWo
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 73e3e273606355bbba70cae21fa22f37_JaffaCakes118
Files
73e3e273606355bbba70cae21fa22f37_JaffaCakes118.exe windows:5 windows x86 arch:x86
aeaf6e8b7a20f767cfb540436b70dab3
Headers
  File Characteristics
    IMAGE_FILE_EXECUTABLE_IMAGE
    IMAGE_FILE_32BIT_MACHINE
Imports
  advapi32
    CryptGetHashParam
  kernel32
    GetModuleFileNameA
  shlwapi
    PathRemoveFileSpecW
    SHDeleteKeyA
    StrCmpNIA
    StrCmpNIW
    StrStrW
    wnsprintfA
    wnsprintfW
    wvnsprintfA
  user32
    CharLowerBuffA
    CloseWindowStation
    EndDialog
    ExitWindowsEx
    GetClassNameA
    GetCursorPos
    GetDlgItem
    GetDlgItemTextA
    GetIconInfo
    MsgWaitForMultipleObjects
    PeekMessageA
Sections
  .lqh Size: 38KB - Virtual size: 56KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE
  .ytoz Size: 2KB - Virtual size: 4KB
    IMAGE_SCN_CNT_CODE
    IMAGE_SCN_MEM_EXECUTE
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE
  .jcn Size: 5KB - Virtual size: 72KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
  .rsrc Size: 1024B - Virtual size: 4KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE
  flip1008 Size: 78B - Virtual size: 4KB
    IMAGE_SCN_CNT_CODE
    IMAGE_SCN_MEM_EXECUTE
    IMAGE_SCN_MEM_READ