87db834df3d0acf04ad3f553f52b9a72_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

87db834df3d0acf04ad3f553f52b9a72_JaffaCakes118
Size

50KB
MD5

87db834df3d0acf04ad3f553f52b9a72
SHA1

a8b91317754cae56e22c2edd64c5917f68931dc4
SHA256

ad879c30013efb1aa19d21f5aa459e8010c2f9b77cf0e0b7bc9d766ec763cd4c
SHA512

aa40d0f8125493d50562f4a7af727b963f183d7a35e297aa3b70ec2701085796080cc90afc45f266b6d72c0d191d93f767bbd2e6982adfcc9e15efba6ea0656e
SSDEEP

768:nUSsun5InPQTZclIWJdIwZkG4cOOh8dbN/h6Ivz6DczyClMiF6O:USsu5+uFWr4xNN/RVOq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
87db834df3d0acf04ad3f553f52b9a72_JaffaCakes118

Files

87db834df3d0acf04ad3f553f52b9a72_JaffaCakes118
.exe windows:5 windows x86 arch:x86

abb54a43fb5b9e60ce0e7a6cd51beed9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptReleaseContext

kernel32

GetFileTime

shlwapi

PathCombineW
PathFindFileNameW
PathMatchSpecW
PathRemoveFileSpecW
StrCmpNIW
StrStrW
wnsprintfA
wvnsprintfW

user32

CharLowerBuffA
DispatchMessageA
ExitWindowsEx
GetClassNameA
GetClipboardData
GetDlgItem
GetForegroundWindow
GetWindowTextA
GetWindowThreadProcessId
OpenDesktopA
PeekMessageA

Sections

.lkdyj
Size: 40KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jwxej
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lyh
Size: 5KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ