bff9174445b232f80f7e3bb6b037a680_JaffaCakes118 | Triage

Sharing

General

Target

bff9174445b232f80f7e3bb6b037a680_JaffaCakes118
Size

48KB
MD5

bff9174445b232f80f7e3bb6b037a680
SHA1

6a5b756eea932fc29fc8d517c95a195a82b32344
SHA256

be8b2192fa35e7e858f75924b4975847db1becbe31af40b6a98eb6e289a97d1c
SHA512

e59db224f6f41b672f64f20b63a1495f8f0add721935fb18dad9366ae94e3d15118ff397a1ca6f543031157d26e1d765a358cf19dd0dda27007f677903672ae4
SSDEEP

768:Qj/i1l8iI4PciLB90t66NY7IEThzuaP31zE2Q0+cZ0ifFeRyPQ8IuzMQ:f1l8iFz/PTj31zPQ80AoleM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bff9174445b232f80f7e3bb6b037a680_JaffaCakes118

Files

bff9174445b232f80f7e3bb6b037a680_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c111a1175ae02c42bde92939379753e6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptCreateHash

kernel32

MultiByteToWideChar

shlwapi

PathFindFileNameW
PathMatchSpecW
PathRemoveFileSpecW
StrCmpNIA
StrStrW
wnsprintfA
wvnsprintfA
wvnsprintfW

user32

CloseWindowStation
DrawIcon
GetClassNameA
GetCursorPos
GetIconInfo
GetKeyboardState
GetWindowThreadProcessId
LoadCursorA
OpenDesktopA
PeekMessageA

Sections

.ctaxwz
Size: 39KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xtk
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mfehij
Size: 5KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ