b98e784b246b59a7f9d1b94e99fe0b51_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b98e784b246b59a7f9d1b94e99fe0b51_JaffaCakes118
Size

48KB
MD5

b98e784b246b59a7f9d1b94e99fe0b51
SHA1

0f4312e0cdbccac866aa3ae5329fbc20f1dbb1b5
SHA256

262c5f8a6c78f590dffeee017e75e5175c4a3e975af8106f3d8cc881e6da25ba
SHA512

9948625927b6084f6a8d77f1f4c8022dc010ec1cf8232a93e935347cad5983e6d830ea9eca3235d3e9fd430c7af15dae6cbc86b49c45a2788617eda5f4a5fbbe
SSDEEP

768:Y97q42GlmGveoWc0IbFFT7TYk2YworGO57WZ/FwKvZ94e+bcf:YUPsheoWIvZRworGv/FwKB9p3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b98e784b246b59a7f9d1b94e99fe0b51_JaffaCakes118

Files

b98e784b246b59a7f9d1b94e99fe0b51_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b48eac25fcebd0e5d08cc9723c493528

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey

kernel32

ReleaseMutex

shlwapi

PathCombineW
PathFindFileNameW
PathMatchSpecW
SHDeleteKeyA
StrCmpNIA
StrCmpNIW
wnsprintfA
wnsprintfW
wvnsprintfA
wvnsprintfW

user32

DispatchMessageA
ExitWindowsEx
GetClipboardData
GetIconInfo
GetKeyState
GetMessageA
GetWindowTextA
PeekMessageA
SetProcessWindowStation

Sections

.zip
Size: 38KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gvstup
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jan
Size: 5KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ