Static task
static1
Behavioral task
behavioral1
Sample
d6252f454cb51d10886d13ca3a3e20fb_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
d6252f454cb51d10886d13ca3a3e20fb_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
d6252f454cb51d10886d13ca3a3e20fb_JaffaCakes118
Size
51KB
MD5
d6252f454cb51d10886d13ca3a3e20fb
SHA1
148e2e1010dcb43f6adecff15020a6d509dd5473
SHA256
127d21451cbcab0dddea391fa9debd67603283dd5d65ae72e4dd06be2ca4242b
SHA512
07aa7f8df0b1cde0df7a834191cf2ea2a33829718fd6592986157b81e876743bff2f3dae1d584b71e284f81b5c4db165f77d24d1640098c7cf954c15a8bca363
SSDEEP
768:SlEyIxH+pqxEmbzKYKccFEclwKxpEsUAwc7/6zD+ejR6kDB2dsy//THL1JWI:SEyIxHbxEqeceNeSEs+r+eF6XvWI
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d6252f454cb51d10886d13ca3a3e20fb_JaffaCakes118
Files
d6252f454cb51d10886d13ca3a3e20fb_JaffaCakes118.exe windows:4 windows x86 arch:x86
e4f7b30e5d4fa77a618fd0314950867e
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
Imports
advapi32
CryptDestroyHash
CryptGetHashParam
CryptHashData
RegEnumKeyExA
RegSetValueExA
kernel32
InitializeCriticalSection
shlwapi
PathMatchSpecW
StrCmpNIA
StrCmpNIW
StrStrW
wnsprintfA
wvnsprintfA
wvnsprintfW
user32
GetDlgItem
GetForegroundWindow
GetIconInfo
GetKeyState
GetWindowTextA
MsgWaitForMultipleObjects
OpenDesktopA
OpenWindowStationA
SetThreadDesktop
Sections
.kvyvcf Size: 43KB - Virtual size: 60KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ktmp Size: 1024B - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.xylcd Size: 5KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ