d3e9f9acd8fa48e07271151cf7d18d25_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d3e9f9acd8fa48e07271151cf7d18d25_JaffaCakes118
Size

50KB
MD5

d3e9f9acd8fa48e07271151cf7d18d25
SHA1

db8cb490461384d9851fb3998674b23aa5c066e1
SHA256

28627a0cc7e01b1505d85e9d696351b26686c234174117bab298cc25c8e5f398
SHA512

19478ce841f7846090bd89175f205f83257daa88a73507bdfd420b9266fef0be44977911c6c343932a01a1d7ba9eb56025e394010ddb46aa7799dbf02f602439
SSDEEP

768:ZZu3fgRtGtnieCqwqko4X6VapEgV9ggu52Ka72/1UpJjYt:KPgRtwiywq/4k3gVG2DKYM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d3e9f9acd8fa48e07271151cf7d18d25_JaffaCakes118

Files

d3e9f9acd8fa48e07271151cf7d18d25_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b3c17a1d0089a71f41fa38325caa4a8d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptGetHashParam

kernel32

lstrcatW

shlwapi

PathCombineW
PathFileExistsW
PathMatchSpecW
PathRemoveFileSpecW
SHDeleteKeyA
StrCmpNIA
StrStrW
wvnsprintfA
wvnsprintfW

user32

CharLowerBuffA
CloseDesktop
DrawIcon
ExitWindowsEx
GetKeyState
GetWindowLongA
OpenWindowStationA
PeekMessageA
SendMessageA
SetProcessWindowStation

Sections

.edyx
Size: 40KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.huh
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jiv
Size: 5KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ