Static task: static1
Behavioral task: behavioral1
Sample: 8712d0784e3201206df254493f1a0e20_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 8712d0784e3201206df254493f1a0e20_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 8712d0784e3201206df254493f1a0e20_JaffaCakes118
Size: 50KB
MD5: 8712d0784e3201206df254493f1a0e20
SHA1: cf185b4b86d0e36139fec5ff85a9be88ef4a208e
SHA256: dfc6ac00c75f1fa301f699a78462e89491fc294dc87faab4140badabbc9271a7
SHA512: a9323e6df1eb27f9d5044cefa368022c2453055ab76fa66fa4a1248cfe8c2064940790086c3ecc014ff2d2d9933ad27dd8c3553b0148024b5032543bfe01efef
SSDEEP: 768:Dyaz72zUGv+RssL/sx5nOy8ixFwIShyLbAOS2b0ejCnLPIYRalXCSswFr:Dc2MF8kgydpbLenlRW0wF
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 8712d0784e3201206df254493f1a0e20_JaffaCakes118
Files
8712d0784e3201206df254493f1a0e20_JaffaCakes118.exe windows:5 windows x86 arch:x86
8f46c6037ac6178d42ccda72e64ad1c3
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
  DuplicateTokenEx
kernel32
  GetUserDefaultUILanguage
shlwapi
  PathCombineW
  PathMatchSpecW
  PathRemoveFileSpecW
  SHDeleteKeyA
  StrCmpNIA
  StrCmpNIW
  StrStrW
  wnsprintfA
  wvnsprintfW
user32
  DispatchMessageA
  GetClassNameA
  GetDlgItem
  GetForegroundWindow
  GetIconInfo
  MsgWaitForMultipleObjects
  PeekMessageA
  SendMessageA
  SetProcessWindowStation
  SetThreadDesktop
Sections
.ncfgj Size: 40KB - Virtual size: 59KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.fwjun Size: 2KB - Virtual size: 4KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.bad Size: 6KB - Virtual size: 76KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 4KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ