a5bdd8707a348e96e0893d3162f81744_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a5bdd8707a348e96e0893d3162f81744_JaffaCakes118
Size

136KB
MD5

a5bdd8707a348e96e0893d3162f81744
SHA1

ecd67c43d3dc54db78017718877d00ef111f37b5
SHA256

90bb544cd8ea24b8284bc7c556f4d42fe0a052a48a20cb0b6f818e6d0a8a7a84
SHA512

4686b7ce2f7f6c109c16cabadd44607849b8727d36e61b23697189c056fb9b177c4c2a96bb5f50135d82c48f768de55628178e4872702414892c6ccbcacbd511
SSDEEP

3072:7tQ9HGcrrfeSx/pJGJQ1QUrNJTm8HcwPzxl9DIWbbY/bogHLkE8B0nv:ZQ9mkeSx/PGWJ/Tbrxlrvs88Ltv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a5bdd8707a348e96e0893d3162f81744_JaffaCakes118

Files

a5bdd8707a348e96e0893d3162f81744_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ce3704017931f30ac0533cf7a6628aea

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
ReadFile
SetFilePointer
GetFileSize
GetModuleFileNameA
GetStartupInfoA
GetModuleHandleA
HeapFree
AddAtomW
HeapAlloc
VirtualAlloc
VirtualFree
UnmapViewOfFile
MapViewOfFileEx
CreateFileMappingA
GetProcAddress
LoadLibraryA
ExitProcess
GetProcessHeap
CreateFileA

user32

ClientToScreen
GetActiveWindow
CopyRect
LoadCursorFromFileW
GetClassLongA
MessageBoxIndirectA
MapWindowPoints
GetThreadDesktop
DlgDirListComboBoxW
IsRectEmpty
GetMessageA
BeginDeferWindowPos
EnumThreadWindows
ShowCaret
ShowOwnedPopups
OpenDesktopW
CreateWindowExA
RegisterClassA
LoadCursorA
LoadIconA
DefWindowProcA
SetCaretBlinkTime
ChildWindowFromPointEx
DialogBoxIndirectParamW
DrawTextA
GetDesktopWindow
GetDC
TranslateAcceleratorW

gdi32

GetBkColor
GetTextFaceA

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ