fec06361105f8a8d043a46b7ac8fb8e6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fec06361105f8a8d043a46b7ac8fb8e6_JaffaCakes118
Size

46KB
MD5

fec06361105f8a8d043a46b7ac8fb8e6
SHA1

3d30ea1fa80acd7006715ff25520d7419ae479c4
SHA256

7da7987e2c62923a0f6fc7d337edfc96907297b5b210f9543a0053cd2b0d812d
SHA512

95812b49b11bea06f505dbbc11624bc7f5e8013dd6088e0717674516b55dd76a33de8e04374912e5823a74c6d00aec99a884edccc46be3505dc6b39763858c21
SSDEEP

768:bqKFTOryHuJBMsRrwCF7LjIfPwWxcgVTFmBlOtREHEdAUbFosXR0G:bqeQ+cM0w67LjeoqcCClOt2H/Ujz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fec06361105f8a8d043a46b7ac8fb8e6_JaffaCakes118

Files

fec06361105f8a8d043a46b7ac8fb8e6_JaffaCakes118
.exe windows:5 windows x86 arch:x86

884a304692842999b479eba03f45052f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExA
CryptReleaseContext
RegCloseKey
DuplicateTokenEx
RegDeleteValueA
CryptGetHashParam
CryptCreateHash

shlwapi

wnsprintfW
PathFindFileNameW
wvnsprintfA
PathFileExistsW
SHDeleteKeyA
StrCmpNIA
PathCombineW
StrStrW
PathMatchSpecW
wnsprintfA
StrCmpNIW
wvnsprintfW
PathRemoveFileSpecW

Sections

.ejubst
Size: 36KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kzuhsb
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nmd
Size: 5KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ