03fdbf6968929d9e2a2638567c626fb7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

03fdbf6968929d9e2a2638567c626fb7_JaffaCakes118
Size

120KB
MD5

03fdbf6968929d9e2a2638567c626fb7
SHA1

808a0cc0b64dfdfcbcdbde38f92db25aca8dd62b
SHA256

d2e691c540eff74305bb0f93c41a766692a3a889803a4561ecc288518070a6fc
SHA512

cf709bf772b494d862a05dbfa42c0180d13e0b6d179c626a716b5b39601746d1a7ac6a61646d83b92bc2f49ac299bb4882a02512e2c42045b34bd17d00e13c1a
SSDEEP

768:xdEYeDfc+T2dlal2HsFYf40jGI57uswbU4RAJJWUGptp7o/YiMLAHK0:wYWfcU2lA2MYjjL5yOnJ5GPi/vHHK0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03fdbf6968929d9e2a2638567c626fb7_JaffaCakes118

Files

03fdbf6968929d9e2a2638567c626fb7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c634f9765bce23e60171e103947c7149

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExA
RegCreateKeyExW
RegQueryInfoKeyA

kernel32

ExitProcess
WriteFile
HeapFree

user32

DrawIconEx
GetScrollInfo
IsWindow
DialogBoxParamW
GetFocus
DrawIcon
CopyImage

Sections

.macij
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ncog
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adml
Size: 72KB - Virtual size: 448KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gpami
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.agjba
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 571B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ