dff335e5b562a1231af0253082ba6b5e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dff335e5b562a1231af0253082ba6b5e_JaffaCakes118
Size

180KB
MD5

dff335e5b562a1231af0253082ba6b5e
SHA1

6eddced33efaec1ddeadd07da92354ed87a42fcf
SHA256

8e322ece4af5c6137ba896fedae5ab7052022f7d25eed30b7709f943e28a169a
SHA512

baf72a06ab838e41827a75fc48110f2120910408504e7f571d28166ae64e5cc610b84567a147bef3744571e1216f1eb9182b761dc6a39eb8257213fdb867e9c6
SSDEEP

3072:Coxbncg3cWwmhdlUzJOX3jBm2tgNAVondC5HYPrBWtg6FYwW7:DYmPlUujBm2tgNAVCM5Y4tVFYwW7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dff335e5b562a1231af0253082ba6b5e_JaffaCakes118

Files

dff335e5b562a1231af0253082ba6b5e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

60e22d80673654f7a8c2ea4a3752340f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushInstructionCache
MapViewOfFile
FindResourceExA
UnmapViewOfFile
EnumResourceNamesW
OpenWaitableTimerW
GetModuleFileNameW
DuplicateHandle
FindFirstFileA
FindClose

shlwapi

PathFileExistsW

shell32

Shell_NotifyIconA

advapi32

RegDeleteKeyA
RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RegEnumKeyExA
RegOpenKeyA
RegSetValueExA

rpcrt4

NdrFixedArrayFree
UuidCreate

Sections

.text
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1024B - Virtual size: 796B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 388KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ