5f05864489470a53fabe3545091ca647_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5f05864489470a53fabe3545091ca647_JaffaCakes118
Size

36KB
MD5

5f05864489470a53fabe3545091ca647
SHA1

5e35755d5db08efa47e3e2073a9f8399ca0fe01f
SHA256

2b2e75da1d0bd8b6ed0f295185a1c0a5e458b05e1c8446f964a1738e89df3055
SHA512

d942902b1e166d92146209ddd4f10ee461959d703f588e47262143cc6c377022bcd762992a73791b41bf9e1ff4cec24a1294882b82f85ea9590d7554a3e22c39
SSDEEP

384:NU7fhCZX9GLo6Yn2bGCEkdWYfP434/w7vvxlLVZbHot/Mp7e2BQHPx/2vkKSO8S8:NCg8oLsp1fbw7DVZCMZeR/Gg4RoR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f05864489470a53fabe3545091ca647_JaffaCakes118

Files

5f05864489470a53fabe3545091ca647_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cac46a2ab4cd1eb8035184b3fa2e7f93

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

comctl32

ord17

user32

GetDC

gdi32

SetBkMode

advapi32

RegCloseKey

shell32

SHGetMalloc

ole32

OleInitialize

version

VerQueryValueA

Sections

.MPRESS1
Size: 16KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.MPRESS1
.MPRESS2
.rsrc/GROUP_ICON/103
.rsrc/ICON/1.ico
.rsrc/ICON/2.ico
.rsrc/ICON/3.ico
.rsrc/ICON/4.ico
.rsrc/ICON/5.ico
.rsrc/ICON/6.ico
.rsrc/ICON/7.ico
.rsrc/MANIFEST/1
.xml