fab835ac5d73a007e0a3e4b1ba9f1e29_JaffaCakes118 | Triage

Sharing

General

Target

fab835ac5d73a007e0a3e4b1ba9f1e29_JaffaCakes118
Size

48KB
MD5

fab835ac5d73a007e0a3e4b1ba9f1e29
SHA1

50d610dabb4ac9886eb5229f80841e8485fe2238
SHA256

8616665914f37914d1c0ed1626d999a53abcffb3671772567b4ad8507ab5f854
SHA512

905ebbc354e53da861ba24825ac50a39a2f712b1cc1c2cea10d0d061167fc1a45cc8d8e8ab08b90f92ffb3db81b1d5b4dc9add1bc3d549847b3d19f5e00e9cc1
SSDEEP

768:6YFLNDObCjLzsfiOXKNX5SR1/YCTSsziRgcqXWcP5HGcK/96MUXncfsQmxJdiL2j:6K5+iTNM7/nzHcqXWQsL4Xxe2FN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fab835ac5d73a007e0a3e4b1ba9f1e29_JaffaCakes118

Files

fab835ac5d73a007e0a3e4b1ba9f1e29_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a157968b41cf3c994aed0285ed517cba

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHDeleteKeyA
PathMatchSpecW
StrCmpNIW
wnsprintfW
PathRemoveFileSpecW
PathCombineW
wvnsprintfW
PathFindFileNameW

advapi32

CryptDestroyHash
RegSetValueExA
CryptHashData
RegEnumKeyExA
GetUserNameW

kernel32

OpenMutexW
ExpandEnvironmentStringsW
CreateEventW
FindNextFileW
GetLastError
lstrcmpiW
GetSystemTime
GetCommandLineA

Sections

.kdilur
Size: 39KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mrybuh
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xez
Size: 5KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ