Static task
static1
Behavioral task
behavioral1
Sample
5a4398f51e01b23c23769793ae6105cd_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
5a4398f51e01b23c23769793ae6105cd_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target: 5a4398f51e01b23c23769793ae6105cd_JaffaCakes118
Size: 165KB
MD5: 5a4398f51e01b23c23769793ae6105cd
SHA1: 058c1f0cc30fd7b795b10c3485b9d846d26648ec
SHA256: 0eb09f5c800a01e103075e07b842d754bf78e0f7f5ece90d4dcb86d605036c8d
SHA512: 7d041217c541870262882494a8d0d6b8eb185cb0d9d7ca5de85165a36f37aa328bd0948cc8200ec6adf9bff809461b7b53934a9353cd7bdb761dd33a5d5aa384
SSDEEP: 3072:bKdwnC2FbHW5yLQfeigjKC8Q2/b+iL8nuiJZHp3U:Znxb2QQmiWKJ5b+A8nuiJZHp3
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5a4398f51e01b23c23769793ae6105cd_JaffaCakes118
Files
5a4398f51e01b23c23769793ae6105cd_JaffaCakes118.exe windows:4 windows x86 arch:x86
363e0628e26eb942dfb7e69427f374da
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ReplaceFileW
SetUnhandledExceptionFilter
InterlockedExchange
TerminateProcess
GetCurrentThreadId
GetProcessId
Sleep
GetTickCount
EnumResourceTypesA
GetSystemTimeAsFileTime
InterlockedCompareExchange
ExitProcess
QueryPerformanceCounter
UnhandledExceptionFilter
GetStartupInfoW
IsDebuggerPresent
GetCurrentProcessId
GetCurrentProcess
comctl32
InitCommonControlsEx
shell32
ShellExecuteW
clusapi
CloseCluster
user32
EnumDisplaySettingsW
Sections
.text Size: 100KB - Virtual size: 99KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 856B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 62KB - Virtual size: 62KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 1024B - Virtual size: 104KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ