aa132ef10f213a83b8edfde6546ca3af_JaffaCakes118 | Triage

Sharing

General

Target

aa132ef10f213a83b8edfde6546ca3af_JaffaCakes118
Size

432KB
MD5

aa132ef10f213a83b8edfde6546ca3af
SHA1

e5bc652a0d468677e7e4edceb75a8b9c458acdbf
SHA256

dec109b879e2ce39464d7deab798eb8aceb3f58c9583052c87dc693c97652409
SHA512

1391a67cd80151ad54129a5c0271c658dad6bc15f47cea9024bb43cd1bf4bfde3289fa2041ef366d3e58d6dac67304b6de193b163bc9a8682911e259436bcbd5
SSDEEP

12288:QkCdyiaajRf8EQ9TfTL+VWmQYeFe68ID/B3Se:Q9R+Q2e6jh9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa132ef10f213a83b8edfde6546ca3af_JaffaCakes118

Files

aa132ef10f213a83b8edfde6546ca3af_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c47f54234bf0feccf55f8df597641147

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyExA
CryptAcquireContextW
GetUserNameW
CryptGetHashParam
CryptReleaseContext
RegDeleteValueA
RegQueryValueExA

kernel32

lstrcatA

shlwapi

StrStrW
PathRemoveFileSpecW
wvnsprintfA
PathCombineW
PathMatchSpecW
StrCmpNIA
wnsprintfW
StrCmpNIW
PathFindFileNameW
PathFileExistsW
wnsprintfA
wvnsprintfW
SHDeleteKeyA

Sections

.obchqb
Size: 39KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hib
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fyn
Size: 5KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ