d347caed4b4e851571cd8ad6b86289ea_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d347caed4b4e851571cd8ad6b86289ea_JaffaCakes118
Size

60KB
MD5

d347caed4b4e851571cd8ad6b86289ea
SHA1

1e692833c1d8756fdd7f8c85d670da8ba7510e6e
SHA256

823cf8aa742f8b6405a8d3ad2e7d6b9872e44ff0306f0df787ad0f5dc6e68906
SHA512

dcb28fe1e4bc90470b4b8ad4f41b1b848657746efe55c5734c740a0c29234707958d5a64e25ac6883227db381555efbc8521c17ce598e3e461550758183919a6
SSDEEP

1536:0Db4dIT+dwEgj98DLcQZzUIiseJDMCr1MpkgBvYUCCM0l:jI8gxKLcQ21seJDHrGkCQUCF0l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d347caed4b4e851571cd8ad6b86289ea_JaffaCakes118

Files

d347caed4b4e851571cd8ad6b86289ea_JaffaCakes118
.exe windows:4 windows x86 arch:x86

023a130908383c52a0e3d587e8a46215

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

advapi32

CryptDestroyHash
CryptHashData
GetUserNameW
RegEnumKeyExA
RegQueryValueExA
RegSetValueExA

kernel32

InitializeCriticalSection

shlwapi

PathFindFileNameW
PathRemoveFileSpecW
SHDeleteKeyA
StrCmpNIW
wvnsprintfW

user32

CharLowerBuffA
CloseDesktop
CloseWindowStation
DispatchMessageA
GetClassNameA
GetDlgItemTextA
GetIconInfo
GetWindowTextA
GetWindowThreadProcessId
LoadCursorA

Sections

.rwfop
Size: 51KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svqf
Size: 1024B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hitct
Size: 6KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ