5abc1648a3a7a035c5742cad91bde623_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5abc1648a3a7a035c5742cad91bde623_JaffaCakes118
Size

336KB
MD5

5abc1648a3a7a035c5742cad91bde623
SHA1

a200da7c8cf39f1d5a23e58901078ca14b20ef56
SHA256

18b4d11a099cbc384be85849d21870b4fbbe48f62f62f50c41547d87dddd3be2
SHA512

9ae41ca61d6d518cdef75917b33f44edad3d6e3f5fd18246b16972a0e704be2eed64d6a7925f870216cdb86abe7b4ead9dfc55fb5d3504e65c702b086780be83
SSDEEP

6144:8Z9ISZXtMC0bck9VX7mSVcJLsENLIaQ2G4pu3xPu6tdxDhfaGcd6yUWppsKnSxUE:U9ISt2C0FqSVgLT57hpu3xG6Lx1faTdi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5abc1648a3a7a035c5742cad91bde623_JaffaCakes118

Files

5abc1648a3a7a035c5742cad91bde623_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e315b24704dceebc077eb7f325619d2e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_stricmp
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
?terminate@@YAXXZ
_except_handler3
_makepath
_wmakepath
wcscmp
wcscpy

kernel32

GetCommandLineW
HeapAlloc
GetProcessHeap
GetCurrencyFormatW
HeapReAlloc
HeapFree
IsValidLocale
GlobalGetAtomNameW
GlobalDeleteAtom
SystemTimeToTzSpecificLocalTime
RaiseException
InitializeCriticalSectionAndSpinCount
WideCharToMultiByte
GetStringTypeExW
MulDiv
Sleep
GetTickCount
GetCurrentThreadId
LocalAlloc
LocalFree
GetLastError

oleaut32

SafeArrayDestroyDescriptor
SafeArrayDestroyDescriptor
VarWeekdayName
CreateErrorInfo
OleLoadPictureEx
GetErrorInfo
SetErrorInfo
GetActiveObject
VariantInit
SysFreeString

msimg32

TransparentBlt

Sections

.text
Size: 229KB - Virtual size: 261KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE