a9423a9915796eca26e202caa857ee5a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a9423a9915796eca26e202caa857ee5a_JaffaCakes118
Size

777KB
MD5

a9423a9915796eca26e202caa857ee5a
SHA1

b3049f53ece359ccfb4ff983286cc37b9451ea13
SHA256

9596c03b6b8b871bee706858075612becc9565114cf28dbc9b12f7570e1b1122
SHA512

b8e6929e190f5c6cac860cce0c982b8cef875fd0e40d5b17d631be980ba8825540f8d64ea6b08c0f38938493421ff271492d6fd9b13deda22e9688f1f5029e6d
SSDEEP

12288:2KK1u26g5DYR4iHgg3zaMOglOVsIAkNtgs8ew/pCb1BEb6UbmF29xHI5BToV8dQJ:gI26wArbtIxgu6KBebmFAq5BEV8dQAG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a9423a9915796eca26e202caa857ee5a_JaffaCakes118

Files

a9423a9915796eca26e202caa857ee5a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2a60c24b29b4a454affc3accf21cf0b6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalLock

shlwapi

PathCombineW
PathFileExistsW
PathFindFileNameW
PathMatchSpecW
PathRemoveFileSpecW
SHDeleteKeyA
wnsprintfW
wvnsprintfA
wvnsprintfW

user32

CloseDesktop
CloseWindowStation
DispatchMessageA
EndDialog
GetDlgItem
GetWindowThreadProcessId
LoadCursorA
PeekMessageA
SendMessageA
ToUnicode

Sections

.jin
Size: 38KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ctqnaj
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vobcd
Size: 5KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ