b5765a259d5a958eff36868dec91fbd1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b5765a259d5a958eff36868dec91fbd1_JaffaCakes118
Size

48KB
MD5

b5765a259d5a958eff36868dec91fbd1
SHA1

37672c65878339cf8a3900c07ebe695e58a231b6
SHA256

a9af0c9542f38a76eb49bea28096ba41b551bbaa33043e26c996f269ea6c8d23
SHA512

aba7c8b79621b26b7c45416243a4f63fa4c2e7a7be4af99ad46aea9f1e99aef52898ce01551c10221841f490648ec2ff813b0c3aa889d0e6433a45d41cdc553c
SSDEEP

768:j2D5Mu+eKjdJ/efP8GWlV/v615hiuHxZT4iIyw5mrxvWTPdQGNWh7KV2wIXBaaE:j+5MnxdAUGWLC1KGTl9ri8YIXBaV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b5765a259d5a958eff36868dec91fbd1_JaffaCakes118

Files

b5765a259d5a958eff36868dec91fbd1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

647ea140427f5332c921bf4c54e279a9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHDeleteKeyA
PathFileExistsW
PathMatchSpecW
StrStrW
StrCmpNIA
PathCombineW
PathRemoveFileSpecW
StrCmpNIW
wnsprintfW
wnsprintfA
wvnsprintfA
PathFindFileNameW
wvnsprintfW

advapi32

RegCloseKey
CryptReleaseContext
CryptGetHashParam
DuplicateTokenEx
CryptCreateHash
RegQueryValueExA
RegDeleteValueA

Sections

.dsp
Size: 39KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zwz
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pkz
Size: 5KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ