be65cfa5fd24c5a461ec8f868d4258ee_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

be65cfa5fd24c5a461ec8f868d4258ee_JaffaCakes118
Size

51KB
MD5

be65cfa5fd24c5a461ec8f868d4258ee
SHA1

57647f8d2f23eb7a76e901396b88bb464c41e866
SHA256

22c8d5fc57c97ec2b7965bddefcb3a85edddc9bd6996b12981e9419ae321f428
SHA512

72f7b2366e89ceede199652ccf57d8903a362046bdb426107ea98a907e6b6f980f6ff5a25d76a5b15bcee88499415a7401e8a5f3977e403fa5daecd1738fb443
SSDEEP

768:nAFM2B+1vDHMq+XnHCkKL5RBYEgU/66nIV5WTu138qLSiLg4yf08VMjAHpxE:nSBW4nGL5xgU/3IiS1M0XL0VvM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be65cfa5fd24c5a461ec8f868d4258ee_JaffaCakes118

Files

be65cfa5fd24c5a461ec8f868d4258ee_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4599eea9505f271e1ea098a35f95e573

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

advapi32

CryptCreateHash
CryptReleaseContext
RegCloseKey
RegCreateKeyExA
RegQueryValueExA

kernel32

InitializeCriticalSection

shlwapi

PathCombineW
PathFindFileNameW
PathMatchSpecW
SHDeleteKeyA
StrCmpNIW
wnsprintfW

user32

CharLowerBuffA
CloseWindowStation
GetClipboardData
GetDlgItem
GetWindowTextA
MsgWaitForMultipleObjects
OpenDesktopA
OpenWindowStationA
SendMessageA
SetThreadDesktop

Sections

.vktsb
Size: 43KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gjwxmz
Size: 1024B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ydmx
Size: 5KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ