d0e02d633e4faebd2dd7b4e4ea14e8ff_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d0e02d633e4faebd2dd7b4e4ea14e8ff_JaffaCakes118
Size

261KB
MD5

d0e02d633e4faebd2dd7b4e4ea14e8ff
SHA1

d99c4b5ac14601ccc6e129831a1f6c7e24b0133d
SHA256

7c81c52b07ba91ec0d6eb9ad42d10016644d602b538024a898795dbda679ca91
SHA512

afd3a9c36dc1b8a2d6c93a380fc702657c42d74565ccd3d716db528de90e1d41723676cd340de8d1af9f39e73c5bcdbdba1ff2e1227fb074f8c033cc2b24544c
SSDEEP

6144:aU5EEkKzsVqFjV25iktAfzWzvxHH+DpbZwH2AoA54NK:aUbLFo5ig5HybA2O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d0e02d633e4faebd2dd7b4e4ea14e8ff_JaffaCakes118

Files

d0e02d633e4faebd2dd7b4e4ea14e8ff_JaffaCakes118
.exe windows:5 windows x86 arch:x86

22f6d0cf771a5839b8b15e9eb810bfeb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey

kernel32

GetModuleFileNameA

shlwapi

PathFileExistsW
PathFindFileNameW
PathMatchSpecW
PathRemoveFileSpecW
SHDeleteKeyA
wnsprintfA
wnsprintfW
wvnsprintfA

user32

CharLowerBuffA
CloseDesktop
DrawIcon
FindWindowExA
GetKeyboardState
GetWindowLongA
OpenDesktopA
PeekMessageA
SendMessageA
SetProcessWindowStation
ToUnicode

Sections

.pqhwl
Size: 44KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.atkf
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rkx
Size: 6KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ