5a0e6c88b0bbd119d604390c56162965_JaffaCakes118 | Triage

Sharing

General

Target

5a0e6c88b0bbd119d604390c56162965_JaffaCakes118
Size

37KB
MD5

5a0e6c88b0bbd119d604390c56162965
SHA1

6765530cab3eb3e2d967820cc8f1aafd1913b30e
SHA256

2b7b5e7627537ec8b7ad2e285b3f622d359eff817102e73c5ff27af86197c56a
SHA512

08a9afaa9b4b2991a85853758bbcbf24404dc24a4835f9dcd42f65b8e13dc6f0e9d6cbd48e4c186ee95a4399aa47c691745bff386a3940b33570ea4508fe51c2
SSDEEP

384:wAboRTzUN/Phhm/lOFUtAOFsN1ChqOFw4GBhSBJEbwgKQ8vke:wAGTzUNPhs0FUFFsNeFVGPSBqZE1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a0e6c88b0bbd119d604390c56162965_JaffaCakes118

Files

5a0e6c88b0bbd119d604390c56162965_JaffaCakes118
.exe windows:4 windows x86 arch:x86

efb91844dadf329591b1a2e18f510f8c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileIntA
CloseHandle
SetFilePointer
ReadFile
LoadLibraryExA
FreeLibrary
GetPrivateProfileStringA
lstrcatA
GetModuleFileNameA
GetModuleHandleA
ExitProcess
lstrcmpA
lstrcmpiA
lstrlenA
CreateFileA
GetTickCount
lstrcpyA

user32

CreatePopupMenu
SendMessageA
SetForegroundWindow
GetCursorPos
GetWindowTextA
FindWindowA
DispatchMessageA
GetMessageA
MessageBoxA
CreateWindowExA
InsertMenuItemA
RegisterWindowMessageA
LoadImageA
DestroyIcon
DefWindowProcA
DestroyWindow
PostQuitMessage
SetTimer
wsprintfA
RegisterClassA
DestroyMenu
TrackPopupMenu

advapi32

RegQueryValueExA
RegOpenKeyA
RegCloseKey
RegCreateKeyA
RegDeleteValueA
RegSetValueExA

shell32

Shell_NotifyIconA
ShellExecuteA

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE