bee1992f9ca774ce32f570830e464dd3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bee1992f9ca774ce32f570830e464dd3_JaffaCakes118
Size

46KB
MD5

bee1992f9ca774ce32f570830e464dd3
SHA1

ae5b90e805cc035c62567a142051c8206e841f85
SHA256

394c09f9f5a6c12e878ff2b5f9baab02e5948bc0757a15eb7afbd4b50e3588a3
SHA512

1548d9052a9e4fab028738404f0d92a4e5c21d6e952ba5b082d044ef35434a35218062271a689ac42796afba5306714976b61fdc563bc7afce6084e6ca78755c
SSDEEP

768:H4on68Q49Z4ljTUyY/CJBDKhP88V56aB8LxR7287CL6yitUN6lUcnzGxZ:M8T4NUyY/CJBWXUaBsV2Mogt+wUQC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bee1992f9ca774ce32f570830e464dd3_JaffaCakes118

Files

bee1992f9ca774ce32f570830e464dd3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2dba18e2e75ac88ff03f98dae4064390

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptReleaseContext
RegQueryValueExA
RegCloseKey
DuplicateTokenEx
CryptCreateHash
CryptGetHashParam
RegDeleteValueA

shlwapi

wnsprintfA
PathFileExistsW
StrCmpNIA
SHDeleteKeyA
wnsprintfW
PathRemoveFileSpecW
StrStrW
StrCmpNIW
PathFindFileNameW
PathMatchSpecW
wvnsprintfA
PathCombineW
wvnsprintfW

Sections

.vqhcn
Size: 36KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sbct
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.abyv
Size: 5KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ