5a3d71a86070d74a8153d3903a2278f3_JaffaCakes118 | Triage

Sharing

General

Target

5a3d71a86070d74a8153d3903a2278f3_JaffaCakes118
Size

340KB
MD5

5a3d71a86070d74a8153d3903a2278f3
SHA1

889f3b8759ecc84c22f13e8873c10c74d0c3919f
SHA256

1d84dbd6d063feca4988da3b02da966515b27d1a2ddf6e123d4fec4e353eef2c
SHA512

2786fe745ae5a5b4b10985f8e9896ddd0432ca3ed0cd16971ae1a938f7770eacbef72b330710ddc84d8b5fccfb6f756bcab330f18cebfd58690d74b57aee7220
SSDEEP

6144:apu0j1m68rwA5URA0jAyEm/Ka0UHj+nTnJ3qPrE4gN56ekWVU76tIjZ7Y:j0jUlwOUA0UzJaVHSnCgN5dTV3uY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a3d71a86070d74a8153d3903a2278f3_JaffaCakes118

Files

5a3d71a86070d74a8153d3903a2278f3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2480be1e8f7576996fd051442c434b21

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
GetACP
lstrlenA
HeapCreate
GetConsoleCP
FindClose
CreateFileMappingA
LoadLibraryExA
GetLastError
IsDebuggerPresent
CreateFileA
IsBadReadPtr
FreeEnvironmentStringsA
GlobalLock
GetModuleHandleA
GetStdHandle
CloseHandle
LocalFree
CreateEventA
CreateMailslotW

user32

IsWindow
GetDlgItemTextA
GetMessageA
EndDialog
DialogBoxParamA
RedrawWindow
GetListBoxInfo
SetFocus
DispatchMessageA
GetDlgItem
GetDC
CheckMenuItem
GetIconInfo
DrawIconEx

uxtheme

DrawThemeIcon
EnableTheming
GetThemeColor
CloseThemeData
GetThemeMetric

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ