d98f09ed709b36cf337b2f3b4c509eec_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d98f09ed709b36cf337b2f3b4c509eec_JaffaCakes118
Size

304KB
MD5

d98f09ed709b36cf337b2f3b4c509eec
SHA1

dd9a7f3d999da3ab099df01c8716766ecc69cdc3
SHA256

36cd0abc02567632b047ca87d1561461ba6caf33973cd87be6628ca92cffe314
SHA512

c3bb07084ec40ec7b236224a5b8cd203c60fd3808fb1b2d867e57e135e956be14546aec23a7fc8ddee5bb3f627241bbf84c8b19b5575726456e6ea1875f67e81
SSDEEP

6144:L/58Va07d/QMLaYddXcUNeM+H8s22ZI7B8p239ORiH1onRD:L/S/7HaYddMNM+cb2ut8E39kiHqnp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d98f09ed709b36cf337b2f3b4c509eec_JaffaCakes118

Files

d98f09ed709b36cf337b2f3b4c509eec_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1bd07c05b16700cc747e4e838d98abe5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptReleaseContext

kernel32

OpenMutexW

shlwapi

PathCombineW
PathFileExistsW
SHDeleteKeyA
StrCmpNIA
StrCmpNIW
wnsprintfA
wnsprintfW
wvnsprintfW

user32

DispatchMessageA
DrawIcon
GetClassNameA
GetCursorPos
GetDlgItemTextA
GetIconInfo
GetKeyboardState
GetWindowThreadProcessId
LoadCursorA
OpenWindowStationA
PeekMessageA

Sections

.wtij
Size: 39KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dkhyv
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dyp
Size: 5KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ