5a2148354c564d6e1e4f2525563ef7b3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5a2148354c564d6e1e4f2525563ef7b3_JaffaCakes118
Size

341KB
MD5

5a2148354c564d6e1e4f2525563ef7b3
SHA1

52a1f66e673a168f191b96a516a4ce35f81f5ebf
SHA256

2df21ed433dfebe33851b196bb798bdafe218f78347226b5e9eda64870be625c
SHA512

cd6f670ea9c53068bf61b8dcf548440a80d34f3f21b5604c154fa5ff06d362188040a69eb526f2608021d0bb8d23982b5143addf639a1581d2aa9dc1cffbb4a4
SSDEEP

6144:cyYM7hTAm37Deam32NuT7ErRyXHfYWCoUPk7YTX6jLyXZ3cAlAorL3DTn:V7xAFHmcsrRyX/pW2Y74LyJ3rAyL3H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a2148354c564d6e1e4f2525563ef7b3_JaffaCakes118

Files

5a2148354c564d6e1e4f2525563ef7b3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a7207267f1a4b255f373016118fa1114

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalLock
FindClose
CreateEventA
LocalUnlock
GetStdHandle
LocalFree
GetACP
GetConsoleCP
GetPrivateProfileIntA
CreateFileMappingA
GetModuleHandleA
LoadLibraryExA
IsDebuggerPresent
CreateFileA
CloseHandle
GetLastError
lstrlenW
IsBadReadPtr
FreeEnvironmentStringsA
HeapCreate

user32

GetDlgItem
SetFocus
DispatchMessageA
RedrawWindow
DialogBoxParamA
GetListBoxInfo
GetMessageA
IsWindow
GetDC
GetIconInfo
EndDialog
CheckMenuItem
GetDlgItemTextA
DrawIconEx

uxtheme

CloseThemeData
DrawThemeIcon
EnableTheming
GetThemeMetric
GetThemeColor

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ