a3796d7e6753960b646492d8e911aabd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a3796d7e6753960b646492d8e911aabd_JaffaCakes118
Size

48KB
MD5

a3796d7e6753960b646492d8e911aabd
SHA1

ae1624c73a7a6304edad29f217d18a0d88487d56
SHA256

b017e5650d9653aa0deb33240d3032626125975d88406695fc2346b51c2f4c45
SHA512

c2752dcea64f893d14b4de5ff13ad9c8881b85f2b4def63bffa58957d9166ce425adbf2938f0f7fe4752f6cd152294fc0182a19581189c90812d97003bf7ac48
SSDEEP

768:KT4ADVWJC9NjbrtPZ9EUjM8aEwEaDgrXnQnNyo5YZJEG3FoVudJip+8zG54S:XyjbrhZ9xraEwbDAoUp3F4McS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a3796d7e6753960b646492d8e911aabd_JaffaCakes118

Files

a3796d7e6753960b646492d8e911aabd_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3d8fac77931f4376abac5a2f4f1de024

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExA

kernel32

OpenMutexW

shlwapi

PathCombineW
PathFileExistsW
PathFindFileNameW
SHDeleteKeyA
StrCmpNIA
StrStrW
wnsprintfA
wvnsprintfA

user32

EndDialog
GetCursorPos
GetDlgItemTextA
GetKeyState
GetMessageA
GetWindowLongA
GetWindowThreadProcessId
LoadCursorA
OpenWindowStationA
SendMessageA
ToUnicode

Sections

.iryjcz
Size: 39KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ejmr
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vgt
Size: 5KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ