d5c3fd3356fb519761538c2477d971f2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d5c3fd3356fb519761538c2477d971f2_JaffaCakes118
Size

53KB
MD5

d5c3fd3356fb519761538c2477d971f2
SHA1

8cc6f6155ddca9ff43c0f07af4ac62a775257bd9
SHA256

638d38a0bb02ede00d939e9ac08aec4584e66188686fa40d728546d104369088
SHA512

c3ec34324368c130a6621ccaaf762a372f8255484f7a9ceb6396fa09e61a9b414f99cdc0feb6ee09ab313ccb23c82f3aedf645d58cb67c3ca691b4a1be814c3d
SSDEEP

768:g9/qWhHDieFOw3iRkf5UdDF91ELPV5WGVPVIf6T/O24bc+DL6ShBE:+TLFOSiJDFk8GVNIf6T2s+Dk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d5c3fd3356fb519761538c2477d971f2_JaffaCakes118

Files

d5c3fd3356fb519761538c2477d971f2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1b3f6f7e8b1e7a4bf56d07beb83511b4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExA

kernel32

lstrcpynW

shlwapi

PathCombineW
PathFileExistsW
PathFindFileNameW
PathMatchSpecW
PathRemoveFileSpecW
StrCmpNIA
StrCmpNIW
StrStrW
wvnsprintfA
wvnsprintfW

user32

DispatchMessageA
DrawIcon
GetClipboardData
GetForegroundWindow
GetMessageA
GetWindowLongA
GetWindowTextA
OpenWindowStationA
PeekMessageA

Sections

.txtj
Size: 43KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.txtsx
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.txtb
Size: 6KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.txtc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ