ffe2f6d960d511f4cc0fe10818034bfc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ffe2f6d960d511f4cc0fe10818034bfc_JaffaCakes118
Size

187KB
MD5

ffe2f6d960d511f4cc0fe10818034bfc
SHA1

a54ef314b7b223f2c2e059b8c501fdafef1bb063
SHA256

ac9c18ce5120f8bfc93c78f8f2a696a3f31c026544510eaacdd930834b633966
SHA512

0b8087e3351baf97ea5bd83e01d4f6cdd4261bda4837a98cde93a9f2f69a162658ffc1854dc0300f1be3ff32e20c78a55e8cf908b705001fec8ea87a92fb1979
SSDEEP

3072:w2OJOsR4WDkGxUGNy/BWdfQ/8DJgcIOs7PHCvW/Mj7NpJsZ7R:w4XGaZWdfvDJglB7t/07R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ffe2f6d960d511f4cc0fe10818034bfc_JaffaCakes118

Files

ffe2f6d960d511f4cc0fe10818034bfc_JaffaCakes118
.exe windows:5 windows x86 arch:x86

853156e53047052282397701fd81476b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\JTygZVhoh\NjpWgyAUCm\yeoncPc.pdb

Imports

kernel32

HeapAlloc
MapViewOfFile
RemoveDirectoryW
CreateDirectoryA
SetEvent
GetPrivateProfileIntA
SetThreadLocale
CreateDirectoryW
lstrlenA
MoveFileExW
GetProfileIntW

shlwapi

PathUnquoteSpacesA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

user32

MessageBoxA

gdi32

FillRgn

Exports

Exports

?SuperFunctionCall@@YGKXZ

Sections

.text
Size: 143KB - Virtual size: 142KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.debug01
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ