a312e396b45e707a4e905d2f95660407_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a312e396b45e707a4e905d2f95660407_JaffaCakes118
Size

580KB
MD5

a312e396b45e707a4e905d2f95660407
SHA1

60046c1f585c11de5dad762c9665efe5dd3c546c
SHA256

feba6c7220c26e0fdf87a4021e76fb5060f6b83030b3e47c036731c8e1e3c755
SHA512

df52bd151cbcac9ad8bfa470fed51989fa4c6e23f628004236d02db3035026d0dd92b32c1ed93401e870877ed6ed096acad7136bd07468a381da71cb567f0dd9
SSDEEP

12288:dCKUNkg6Hu6kCkasytLZ36Z+MrogeQB4Z4Ixmh4Q0sxON1yuB8:MKIkDH2CxnO+ADzBwzQiye8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a312e396b45e707a4e905d2f95660407_JaffaCakes118

Files

a312e396b45e707a4e905d2f95660407_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b3f785bb27e9b7675e729cbaf5a9f463

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteValueA

shlwapi

PathCombineW
PathFileExistsW
PathFindFileNameW
PathMatchSpecW
PathRemoveFileSpecW
StrCmpNIA
StrStrW
wnsprintfW

user32

CharLowerW
CloseWindowStation
DispatchMessageA
ExitWindowsEx
FindWindowExA
GetClassNameA
GetDlgItemTextA
GetKeyState
GetWindowLongA
GetWindowTextA
LoadCursorA
OpenWindowStationA
PeekMessageA

Sections

.czeh
Size: 44KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kvqj
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tib
Size: 6KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ