e04801def86c8895b5171b14f0c45e6d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e04801def86c8895b5171b14f0c45e6d_JaffaCakes118
Size

54KB
MD5

e04801def86c8895b5171b14f0c45e6d
SHA1

f2d2a16c37cb1123a9df5c61c4abc33ecd797635
SHA256

77f2e52e658f52b9124c9788833d777c03e90cd19945127790661ed29fb51f66
SHA512

79b5e3354c97e55d13a1f3e822e582752a59d252babfda207e938b8ff666d271389da0923632f954693ca96609159843ac53c428ddfa608d17793ce7a66f5aed
SSDEEP

1536:Ttf8ntAOaI4Ho7cMRU2l1Zt00LjIpArMSfD:Tt3Of4I7ceU2l1jf+SfD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e04801def86c8895b5171b14f0c45e6d_JaffaCakes118

Files

e04801def86c8895b5171b14f0c45e6d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b9fc53aac0dc1da35349dae329688308

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptCreateHash
CryptGetHashParam
CryptReleaseContext
DuplicateTokenEx
RegCloseKey
RegQueryValueExA

user32

CloseWindowStation
DispatchMessageA
EndDialog
FindWindowExA
GetClipboardData
GetDlgItemTextA
GetForegroundWindow
GetIconInfo
GetMessageA
GetWindowThreadProcessId
LoadCursorA
PeekMessageA
SendMessageA
ToUnicode

Sections

.text
Size: 44KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ