d3942bd8455c73725bf24d21b119b41f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d3942bd8455c73725bf24d21b119b41f_JaffaCakes118
Size

46KB
MD5

d3942bd8455c73725bf24d21b119b41f
SHA1

8361da59031c3e2c203a50a6726dc845f2546b0e
SHA256

32bdf1cc20190a962271d455df267535dde2f1e74a1dc8b8dd76eb16806bc832
SHA512

07d81fc059b26cbd71a9ff483c73a8682840e754b55b93e9f869e7b1eac05479d26f50230782fc2b51a6a5e99f5a8c98a3318c40a8213066ce8b16b94f21f896
SSDEEP

768:bQ1jGaTnk9/fkumk1BTFZA+YHES/7gWjHf8uugYA4JVxOhEaotZ4oLdIBOp4yoKa:bQ1jGynkBfzmk1lFNiEAHfmgYA4JZntc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d3942bd8455c73725bf24d21b119b41f_JaffaCakes118

Files

d3942bd8455c73725bf24d21b119b41f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3c2f011282f0076a911933de52871b45

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

DuplicateTokenEx
RegQueryValueExA
RegDeleteValueA
CryptReleaseContext
RegCloseKey
CryptCreateHash
CryptGetHashParam
RegSetValueExA

shlwapi

StrCmpNIA
wvnsprintfW
StrCmpNIW
wvnsprintfA
PathMatchSpecW
PathFileExistsW
PathCombineW
PathFindFileNameW
SHDeleteKeyA
wnsprintfA
PathRemoveFileSpecW
wnsprintfW

Sections

.rgjmr
Size: 36KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.afkt
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jwf
Size: 5KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ