d18b31ccf5c916b16b645b10e8a69676_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d18b31ccf5c916b16b645b10e8a69676_JaffaCakes118
Size

1.1MB
MD5

d18b31ccf5c916b16b645b10e8a69676
SHA1

9ee82a59c9d4e6cfb2657985dac5179527ed9049
SHA256

0ed753b62b7074c8f827788cd762e8e45062ed659aad6cffa4d0400b90aa1b13
SHA512

1a734a3d7175bd567459ca65ef7d7fcc535f1a4a8e7187a7e118bcf9405a0320bc5f4a723bf55407ee5d1b6f29fa5223c77d98d5ef80de273632730e5a43ce54
SSDEEP

24576:RgBMcAvN6/pPKoIbFsHEwnz1NhMPJs5iodMih+t:ReMXvI/8S1/z5kihg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d18b31ccf5c916b16b645b10e8a69676_JaffaCakes118

Files

d18b31ccf5c916b16b645b10e8a69676_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c09fc0e2a4825a67bf9aa995a4114719

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptReleaseContext

kernel32

SetEvent

shlwapi

PathCombineW
PathFileExistsW
PathFindFileNameW
PathRemoveFileSpecW
StrCmpNIA
StrStrW
wnsprintfA

user32

CharLowerBuffA
DispatchMessageA
DrawIcon
EndDialog
FindWindowExA
GetClipboardData
GetCursorPos
GetDlgItem
GetIconInfo
GetWindowTextA
PeekMessageA
SetProcessWindowStation

Sections

.qpyvqz
Size: 43KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.elep
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xot
Size: 6KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ