766c153ab6bd93599b50fb2b6d200330_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

766c153ab6bd93599b50fb2b6d200330_JaffaCakes118
Size

186KB
MD5

766c153ab6bd93599b50fb2b6d200330
SHA1

5219c8df72df184af8416120a76ee774ef38201d
SHA256

9eeef70a68f794dfaa4919b9649a099eea31349fa60422528826c6e474a454a4
SHA512

51aa5f17b649b76df5698ae598d1f8353603c64684d041f9deab5590b71eb0f9576eb595461ae8ad41e49b2b1b11ef24c7b24fd516c6d95671e24244eb777ddb
SSDEEP

3072:n2OJOBnOesDhB30qCcOP+VSTMu/UuWXmYWXVs1iHcNO1Qn1un7Rham6iFq:n4dovOPCNu/DFYW2aEOunhys

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
766c153ab6bd93599b50fb2b6d200330_JaffaCakes118

Files

766c153ab6bd93599b50fb2b6d200330_JaffaCakes118
.exe windows:5 windows x86 arch:x86

853156e53047052282397701fd81476b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\JTygZVhoh\NjpWgyAUCm\yeoncPc.pdb

Imports

kernel32

HeapAlloc
MapViewOfFile
RemoveDirectoryW
CreateDirectoryA
SetEvent
GetPrivateProfileIntA
SetThreadLocale
CreateDirectoryW
lstrlenA
MoveFileExW
GetProfileIntW

shlwapi

PathUnquoteSpacesA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

user32

MessageBoxA

gdi32

FillRgn

Exports

Exports

?SuperFunctionCall@@YGKXZ

Sections

.text
Size: 143KB - Virtual size: 142KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.debug01
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ