aadc0197e83e429f45a62b42dee773a7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aadc0197e83e429f45a62b42dee773a7_JaffaCakes118
Size

50KB
MD5

aadc0197e83e429f45a62b42dee773a7
SHA1

c7163a881156f4f007810948affb921476becdc0
SHA256

abf72944971e430206065ef747426ef7483fb15e36ee12fb286d606de248528a
SHA512

3bf2187817ac111ee4e287fe6725ca07fb79502a0ac758f4a3963134017cf9e4cb020130a398b8eefc52a6bbf742d77ef580daa8202036f7cfe3473c367caa82
SSDEEP

768:bdbUWZO/Fu2ZjoaAtQEeO/0XyCFlymkafX+tTmHBcnyoexMh:BPz2Zk9x/3CFEjMXUyB10

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aadc0197e83e429f45a62b42dee773a7_JaffaCakes118

Files

aadc0197e83e429f45a62b42dee773a7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

694b916911362f82412cea4397d4cce7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptReleaseContext
RegCloseKey

kernel32

CreateMutexW

shlwapi

PathCombineW
PathFindFileNameW
PathMatchSpecW
SHDeleteKeyA
StrCmpNIA
StrCmpNIW
wvnsprintfA

user32

CharLowerBuffA
CharUpperW
CloseWindowStation
DispatchMessageA
DrawIcon
GetClipboardData
GetCursorPos
GetIconInfo
GetKeyState
GetWindowTextA
OpenDesktopA
SetProcessWindowStation

Sections

.pgr
Size: 40KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fmb
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zmh
Size: 5KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ