5a3f73137d4f161e86bb4c9e5d64529d_JaffaCakes118 | Triage

Sharing

General

Target

5a3f73137d4f161e86bb4c9e5d64529d_JaffaCakes118
Size

134KB
MD5

5a3f73137d4f161e86bb4c9e5d64529d
SHA1

7e0b931bec998f385da263407c70656828f13023
SHA256

16e267e9d60c4fbc377c525d8c45c0116d149435fc3f16d45e3fa01579f74de6
SHA512

8cdaaa4eebb030025edd9f0be229b54a0f40c905e9bb9df8ac78be6ba3b1eb95c04bae48857539a81a541b35cb575472972e3f5d224b65736c1971f6e81ec26f
SSDEEP

3072:YAQ0n/T3dRweSmo/c9Ad+8AQdURjzT0hMgFcEEwR:RQ0n/TseQU9yAoFD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a3f73137d4f161e86bb4c9e5d64529d_JaffaCakes118

Files

5a3f73137d4f161e86bb4c9e5d64529d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e367f1965dee6c70efff3ad63b7c54de

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentVariableA
WriteProfileSectionA
lstrcpyA
GetStringTypeA
GetDriveTypeA
WriteConsoleInputA
VirtualAlloc
QueryInformationJobObject
GetLastError
GetExitCodeThread
SetMessageWaitingIndicator
CancelWaitableTimer
WaitForSingleObject
_llseek

user32

MessageBoxIndirectA
DefFrameProcA
DrawStateA
BroadcastSystemMessageA
GetParent
CopyAcceleratorTableA
UpdateWindow
PostThreadMessageW
DrawCaptionTempA
PostThreadMessageA
SetCursorContents
GetMessageTime
LoadBitmapA

Exports

Exports

GetWsgmjwapv
InitXhstgwd
InitTfbesromgdn
ReadCnqwagmo
Hjxgsxqr
CreateSklfmpqdeso
Cnbbdqh
Bjkxwdag
Utpgeokmmob
CreateMbajohfnk
GetPhwjwrx
Fiegnhh
Glinadkq
EndDprtkqd
BeginRctexveqor
SetPvovbmexfiv
Iivkqrcv
Foowkeoe
ReadKnpaavk
Tohigshrjml

Sections

.text
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ