5a752ceca12e9f732501c019fb5224f2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5a752ceca12e9f732501c019fb5224f2_JaffaCakes118
Size

21KB
MD5

5a752ceca12e9f732501c019fb5224f2
SHA1

4080e5b10a879e8aa7f865861aa5b0906b925057
SHA256

6aa5bab007030c207b1858c27adc34c4d39b307ce449e0b6b772effde0719185
SHA512

1daee63794b29b9fd970278c5de7c34c6b30c6f3ccfef360504ff3e84125af9a353a646cb8e7a3714ec9b3498f0e48eccd5904bc04797df85b3ce597c90ae086
SSDEEP

384:wXotzJHkKpNA2S36Qmifv1LpyBguPtGW4XCCUXfdvSL3pRT5f/vzvVHjlTQr:wOHkn36zMnup4CC0dQLTFDvLTQr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a752ceca12e9f732501c019fb5224f2_JaffaCakes118

Files

5a752ceca12e9f732501c019fb5224f2_JaffaCakes118
.exe windows:1 windows x86 arch:x86

51ef51f58f4da8c2e239d385e25c0ef0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetClassLongA
ScrollWindow
SetCursor
RegisterWindowMessageW
PostQuitMessage
GetClipboardOwner
SetDlgItemTextW
RegisterClassW

shlwapi

PathParseIconLocationA
StrSpnA
UrlGetLocationA
UrlCompareA
PathIsLFNFileSpecA
UrlCanonicalizeW

comctl32

ImageList_Duplicate
UninitializeFlatSB
FlatSB_SetScrollInfo
PropertySheetW
DrawStatusTextA
CreateToolbar
FlatSB_GetScrollProp

ole32

UtGetDvtd16Info
CreateILockBytesOnHGlobal
CoGetObject
CoAllowSetForegroundWindow
HWND_UserFree
CLSIDFromProgID
CoQueryProxyBlanket
CoLockObjectExternal

gdi32

SetMapMode
GdiStartPageEMF
FlattenPath
DPtoLP
TextOutW
EndFormPage
CreateBitmap
SetColorAdjustment

msvcrt

_mbsstr
_wexecle
_swab
_lseeki64
putwchar
_ismbslead
_cgets

Sections

.text
Size: 5KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE