f69b9bc4af265b99f9215fa8803b6209_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f69b9bc4af265b99f9215fa8803b6209_JaffaCakes118
Size

597KB
MD5

f69b9bc4af265b99f9215fa8803b6209
SHA1

bcf3fed8efd574813ba64cac0bb06e5c9cfad148
SHA256

4e83086a28d83ebe5590e8c3af2e7cc0b853f90ec16e764cc2a32aa551e31e7a
SHA512

308e9590e3e56459d24953d90336904c7a369ad52df0f7bb57f60f6d2546a40eb3493e585743e85c892bf2ca4ecc0a3dd2642d0caf82fa9c33a3feab9113af6d
SSDEEP

12288:DLslemgZyWK5ti70kedeml+s3e+fjp9Sh9ZEFFW:DYomgZyzni70xdvAsucXSDZu0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f69b9bc4af265b99f9215fa8803b6209_JaffaCakes118

Files

f69b9bc4af265b99f9215fa8803b6209_JaffaCakes118
.exe windows:5 windows x86 arch:x86

61c8d4a0d78de82c1d8a989f37f2f08c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptReleaseContext
RegQueryValueExA

kernel32

FindResourceW

shlwapi

PathCombineW
PathMatchSpecW
PathRemoveFileSpecW
StrCmpNIW
StrStrW
wnsprintfW
wvnsprintfA
wvnsprintfW

user32

CharLowerBuffA
DispatchMessageA
DrawIcon
EndDialog
GetClipboardData
GetDlgItem
GetKeyboardState
LoadCursorA
SendMessageA
SetThreadDesktop

Sections

.vcf
Size: 39KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.klyh
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reb
Size: 6KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ