04ee1eace7a01aac17430d696f30e09d_JaffaCakes118 | Triage

Sharing

General

Target

04ee1eace7a01aac17430d696f30e09d_JaffaCakes118
Size

46KB
MD5

04ee1eace7a01aac17430d696f30e09d
SHA1

6442a1ff532568e0a2eb6bc293f06b5000db7c27
SHA256

98b6b0c35bce3e1b468a337560776c6e3dfb6b0bc1a0dfe7f1899fd124ec1eb0
SHA512

31a4bcbf80566073d40db8590b91afb555e161286d78e0b4453dd83b406ffcd422c0b11f86c0d7e032b56f7685caaa2f4b7025e2ea23aa561873d4c3098abce4
SSDEEP

768:ZBRSY3dh6psvUMcyZj06Zp+usGSEipOhPBL9gvxPBeBNLqDES:Do2dhIs3LdZrsGSW9mA5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04ee1eace7a01aac17430d696f30e09d_JaffaCakes118

Files

04ee1eace7a01aac17430d696f30e09d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

357f23b66e47757006014980d8deadb2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHDeleteKeyA
StrStrW
wnsprintfW
StrCmpNIW
PathRemoveFileSpecW
wnsprintfA
wvnsprintfA
StrCmpNIA
PathMatchSpecW
PathCombineW
PathFileExistsW
PathFindFileNameW
wvnsprintfW

advapi32

RegQueryValueExA
DuplicateTokenEx
CryptReleaseContext
CryptCreateHash
RegCloseKey
CryptGetHashParam
RegDeleteValueA

Sections

.uxgt
Size: 36KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sxef
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rotcj
Size: 5KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ