ae4c71696d7d77ff8c15dbcbd9a4818a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ae4c71696d7d77ff8c15dbcbd9a4818a_JaffaCakes118
Size

468KB
MD5

ae4c71696d7d77ff8c15dbcbd9a4818a
SHA1

1ff0ed1805ef669c50d38f39170a5eb9f738c734
SHA256

00aa958910be1399af6edf2638b9eb92ba414b15de719510424f5e4a294156f5
SHA512

cb702b4865cfe15f2eb685174fe1c87c589abbded8a866697ab6de86046197ccd36ab64428ba421d399ce61bca6601fd814a189778b185c3efbd21ef17ef92f0
SSDEEP

12288:agAZ3R/9BnCBuwLwj4afbIXwZa8/ExCtjhXYNzsM:HA1NCQwLgAw4Jgja2M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ae4c71696d7d77ff8c15dbcbd9a4818a_JaffaCakes118

Files

ae4c71696d7d77ff8c15dbcbd9a4818a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e399161ab0ea70e8f4e7647307ddbe5e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExA
RegCloseKey
GetPrivateObjectSecurity
IsTextUnicode
LogonUserA

kernel32

CreateFileW
ReadFile
CloseHandle
CreateFileA
RemoveDirectoryA
SetConsoleMode
HeapSize

Sections

.mpif
Size: 34KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lej
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.joh
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jsl
Size: 1024B - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE