5a5060d2631f01ff10f82bb6eaea43d5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5a5060d2631f01ff10f82bb6eaea43d5_JaffaCakes118
Size

174KB
MD5

5a5060d2631f01ff10f82bb6eaea43d5
SHA1

4562181cd8b8bd23d73d024eea085b0345637a6c
SHA256

91e3aa7619a4cd44bd3531718f1fcfe38d015892f0b416451488d695de597cf8
SHA512

8010256edd58c0da14dfa03364234682f506f93f5285bdad5bf38390862ecabd7d404d425d10c4741570876eac1159a48de630ca1102783f405ba5650aa5a12d
SSDEEP

3072:C79fIZzTalm7A5Qax8Y/2XUK0o3yje6cceHuVdR4dJ9cz7uNYD17bILf:C7JRQU+YkUpo3yS6cZOt4dJ9cz78YD1o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a5060d2631f01ff10f82bb6eaea43d5_JaffaCakes118

Files

5a5060d2631f01ff10f82bb6eaea43d5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1ee495b6605d27b8c1320c4f2ef46dc4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

SystemTimeToFileTime
FindFirstFileW
GetLocalTime
GetStringTypeW
ConvertFiberToThread
GetOEMCP
GetSystemDirectoryW
SetThreadIdealProcessor
FindClose
SetErrorMode
CompareStringA
LocalAlloc
LCMapStringW
EnumResourceNamesW
SetEnvironmentVariableW
SetCurrentDirectoryW
GetCurrentProcess
RegisterWaitForSingleObject
FindNextFileW
FileTimeToLocalFileTime
LocalFileTimeToFileTime
GetShortPathNameW
LocalFree
LoadResource
FileTimeToSystemTime
IsBadReadPtr
FreeLibrary
FindResourceW
SearchPathW

user32

FlashWindow
ReleaseCapture
ValidateRgn
GetCapture
SetCapture
UpdateWindow
ValidateRect
EnableWindow
IsWindow
IsWindowEnabled
InvalidateRgn
RealGetWindowClassA
DestroyWindow
ExcludeUpdateRgn
GetUpdateRgn

Sections

.text
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ