af434ef17c82b9dc6852cad7b6b9ba87_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

af434ef17c82b9dc6852cad7b6b9ba87_JaffaCakes118
Size

48KB
MD5

af434ef17c82b9dc6852cad7b6b9ba87
SHA1

fa8bf56ea4e4daa93043ef6de4b2fbc3d50ca4f5
SHA256

fcdb699e0a75032d057bdafd48bd6cda8689d4837b370c244d518d6058cbd7f4
SHA512

ecb8ff7634f16914fe10e9a711bfa7a9fd8ea51e0c53bee9004273ae8fcf8a69ccaf188428c1e747ee0eee7294c6ab0474be23e811cdb101d97a89b3a2dd3a7c
SSDEEP

1536:Rme9kEy2DIavNfMoVoHSTGCpN8SjAEb4RcFH:RmikEyvavNfzyH/CPX7XH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
af434ef17c82b9dc6852cad7b6b9ba87_JaffaCakes118

Files

af434ef17c82b9dc6852cad7b6b9ba87_JaffaCakes118
.exe windows:5 windows x86 arch:x86

36dde42913ebfcece0a8c49cd6dc6373

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey

kernel32

GetUserDefaultUILanguage

shlwapi

PathFileExistsW
PathRemoveFileSpecW
SHDeleteKeyA
StrCmpNIA
StrCmpNIW
StrStrW
wnsprintfW
wvnsprintfA
wvnsprintfW

user32

DrawIcon
GetDlgItemTextA
GetIconInfo
GetKeyboardState
GetMessageA
GetWindowTextA
LoadCursorA
PeekMessageA
SetProcessWindowStation
SetThreadDesktop

Sections

.kvwdcn
Size: 39KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dqnkn
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lux
Size: 5KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ