a6b607ea3792c8294bd2bdfd6a0b2752_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a6b607ea3792c8294bd2bdfd6a0b2752_JaffaCakes118
Size

48KB
MD5

a6b607ea3792c8294bd2bdfd6a0b2752
SHA1

fc31652ffee3d4fa8aae7a3a252886f13fa8d829
SHA256

e937382795ec9d6af7a3da2d7437feb3177390ac0d8e665d3daad3ec7bb39848
SHA512

d1f4721efd09e4595567e0d72011cd013d1fb944ccad3187000d5d7641f38c9febf812ea71a3a77019c19b86136c8fac7fd41cb41721adb782508ec8bc8f246f
SSDEEP

768:PFAN/TRXseOvzImkq3X/wV2tMu6SwKdcGoApO1+fGeCELIcEduRPhO3ALKmnU1:NANFXA00X/FlZpOGtpWNe3iZ1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a6b607ea3792c8294bd2bdfd6a0b2752_JaffaCakes118

Files

a6b607ea3792c8294bd2bdfd6a0b2752_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0caec8f05cbe0dfeb49656eb9168450b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
DuplicateTokenEx
CryptCreateHash
CryptGetHashParam
RegQueryValueExA
RegDeleteValueA
CryptReleaseContext

shlwapi

PathFindFileNameW
PathRemoveFileSpecW
StrStrW
wvnsprintfA
wnsprintfA
wnsprintfW
PathFileExistsW
StrCmpNIA
PathMatchSpecW
PathCombineW
StrCmpNIW
SHDeleteKeyA
wvnsprintfW

Sections

.pkbux
Size: 39KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.uhmfor
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fwhuj
Size: 5KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ