5fb69b1da85e20fb3340fb1d0cb4ee5d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5fb69b1da85e20fb3340fb1d0cb4ee5d_JaffaCakes118
Size

349KB
MD5

5fb69b1da85e20fb3340fb1d0cb4ee5d
SHA1

7547e1298ec0971164614eea21cfd170029afc03
SHA256

c10f6636ba02955e58600d1a2d2a5739d208a3b9e13c9dd263d26731ed162ba5
SHA512

755c7d241b77660ac1acc8dc3d80b0829af89254302e2e15ab3b6d8f9b04d9f82d7fb56dfa406691c2d92f847daaa5278ace24de5bf54fb192f8b5b897079a6d
SSDEEP

3072:dC43hVENZQur0QH9SG1JQ7Sj3pWYE8Xtxg1mUASaUHSPICepCQdnWI2O4qcdAMUt:mj3pXE8M1mv/PdeAEWI2zqM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5fb69b1da85e20fb3340fb1d0cb4ee5d_JaffaCakes118

Files

5fb69b1da85e20fb3340fb1d0cb4ee5d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

37240d525689d7b676220124279050dc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_SYSTEM

PDB Paths

2gerGW@4herhw*9283y4huWO.pdb

Imports

user32

GetCursor
DrawFrameControl

gdi32

GdiFlush

msvcrt

malloc

kernel32

FindAtomW
GetModuleHandleW
GetDateFormatEx
GetAtomNameA
IsSystemResumeAutomatic

Sections

.text
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.CRT1
Size: 283KB - Virtual size: 291KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 398B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

yP
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ