b3b7fa726558314f060b3ecf4b51bd10_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b3b7fa726558314f060b3ecf4b51bd10_JaffaCakes118
Size

761KB
MD5

b3b7fa726558314f060b3ecf4b51bd10
SHA1

bedd1e2727320229a4f10d85f1d1f504e2ec5cdc
SHA256

47f271e1dda95a7b945925b302a8cec07696523cdbeeb5eb1c08e7378c9db93c
SHA512

cfafe542c59ea767ad7cef8a0d3819ba72cabf3f99edf5df38de5adbbc8751a9d8841900cda8eac689fd4e3a0effd24b3afe2c9e4938c6ca381f7b27fcda4a50
SSDEEP

12288:F5H5EJki5la+vXUTNffDf7fXMnsxgxoiezVDCik02OS/ME9CN5Cj3QrnWwvqlvY:R9Gl1vQDfzMnmO6A02P0E9CN577W0/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b3b7fa726558314f060b3ecf4b51bd10_JaffaCakes118

Files

b3b7fa726558314f060b3ecf4b51bd10_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a965e28c6f84eaa2d83d0ced3fe81636

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

advapi32

CryptAcquireContextW
CryptDestroyHash
CryptHashData
RegCreateKeyExA
RegEnumKeyExA
RegSetValueExA

shlwapi

PathCombineW
PathFileExistsW
PathRemoveFileSpecW
wnsprintfW
wvnsprintfA

user32

CloseDesktop
EndDialog
GetMenuItemID
GetWindowThreadProcessId
LoadCursorA
MsgWaitForMultipleObjects
OpenWindowStationA
PeekMessageA
SetProcessWindowStation
SetThreadDesktop
ToUnicode

Sections

.tmrsn
Size: 46KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kvajyp
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xox
Size: 6KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ