d72a7e5f85146822132b0cceb5691c49_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d72a7e5f85146822132b0cceb5691c49_JaffaCakes118
Size

53KB
MD5

d72a7e5f85146822132b0cceb5691c49
SHA1

4ce460ac5e57d641a593d9a97c13c926ace416e3
SHA256

bf51ab318298ec9d0010743bca69f9cdf39496ef73b62267cbe5d6c11145091d
SHA512

7d11ddb246cc978838167ea7fa6ff2f33f6acb3182a176a21e41b1aa399c284c89ba10ad356734fc0309a0897649b1d923df3bf43b7edee774ef2a699324c055
SSDEEP

768:f/qWhHDieFOw3iRkf5UdDF91ELPV5WGVPVIf6T/O24bqDL6ShBE:nTLFOSiJDFk8GVNIf6T2aDk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d72a7e5f85146822132b0cceb5691c49_JaffaCakes118

Files

d72a7e5f85146822132b0cceb5691c49_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1b3f6f7e8b1e7a4bf56d07beb83511b4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExA

kernel32

lstrcpynW

shlwapi

PathCombineW
PathFileExistsW
PathFindFileNameW
PathMatchSpecW
PathRemoveFileSpecW
StrCmpNIA
StrCmpNIW
StrStrW
wvnsprintfA
wvnsprintfW

user32

DispatchMessageA
DrawIcon
GetClipboardData
GetForegroundWindow
GetMessageA
GetWindowLongA
GetWindowTextA
OpenWindowStationA
PeekMessageA

Sections

.ebcj
Size: 43KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ngjsx
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.kpqb
Size: 6KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ