c0bca6cd1dc4590f375b6eb7bfe83d01_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c0bca6cd1dc4590f375b6eb7bfe83d01_JaffaCakes118
Size

489KB
MD5

c0bca6cd1dc4590f375b6eb7bfe83d01
SHA1

f8b2dcfe96c14e2478a51999009e617674777eb0
SHA256

8d4585123f6dc5cbd6c72b675d7902a49d7e04221edc8d95c929d2feecf60fdf
SHA512

2b89e570956449f3bace94312105f1e9a71fa9469a7d418865625990ed359142216cc90a7d2d27344acbcd1bdcd47d12d9e9cabf03d6f1c8529448de17c2c4b2
SSDEEP

6144:hFOe5CaJs9hSeeH2muoGYHOpd7mrJ4NEfsmsHrBmsw6FNzjVpS2ubm9V6OnZp9D9:TO9F82Ll7digQ0tmOpjVpI4DDXyidcK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c0bca6cd1dc4590f375b6eb7bfe83d01_JaffaCakes118

Files

c0bca6cd1dc4590f375b6eb7bfe83d01_JaffaCakes118
.exe windows:5 windows x86 arch:x86

953f6f6e410232c0d4b4b049bd06f708

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey

shlwapi

PathCombineW
PathFileExistsW
PathRemoveFileSpecW
SHDeleteKeyA
StrCmpNIA
StrStrW
wnsprintfA
wnsprintfW
wvnsprintfW

user32

CharUpperW
CloseWindowStation
EndDialog
ExitWindowsEx
FindWindowExA
GetClipboardData
GetDlgItemTextA
GetKeyboardState
GetMessageA
PeekMessageA
SendMessageA
SetProcessWindowStation

Sections

.fep
Size: 40KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pur
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bsj
Size: 5KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ