01aed193ac87eed6ce40e7cb7d35b36e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

01aed193ac87eed6ce40e7cb7d35b36e_JaffaCakes118
Size

48KB
MD5

01aed193ac87eed6ce40e7cb7d35b36e
SHA1

02a3a2331fdede6e0648cdbfe0b49f2bc9a11b01
SHA256

917b70c0bf245c0d9aacb2ccaf1ab231a0c1ffc7d6e05e490404c0ed55da1e06
SHA512

c5a2b5cb168f7a503080bbeaa6c2fbb1d6194517c16b1aafad266b5eebba7f7a619b7bcc11d88d17538858cdd7bc4796e8a158b7d1cec04055eeb5b46e0a9af9
SSDEEP

1536:PX2UEFDhqzVKTVZoYwbTt+F1fnqTUzuFyhqC6:0FDhqzVrYytKfq2uwA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01aed193ac87eed6ce40e7cb7d35b36e_JaffaCakes118

Files

01aed193ac87eed6ce40e7cb7d35b36e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

40f5b74b8f0d5cde5f69bcd3c7237d1c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

DuplicateTokenEx
RegCloseKey
CryptGetHashParam
RegDeleteValueA
RegQueryValueExA
CryptReleaseContext
CryptCreateHash

shlwapi

PathMatchSpecW
StrStrW
PathCombineW
PathFileExistsW
PathFindFileNameW
wnsprintfW
StrCmpNIA
wvnsprintfA
wnsprintfA
SHDeleteKeyA
wvnsprintfW
StrCmpNIW
PathRemoveFileSpecW

Sections

.dwr
Size: 39KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ydmjyt
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dcpgt
Size: 5KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ