5b1dfa74bfbbc086e2904f650b4ca330_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5b1dfa74bfbbc086e2904f650b4ca330_JaffaCakes118
Size

4.0MB
MD5

5b1dfa74bfbbc086e2904f650b4ca330
SHA1

c160ed690adbfd206a887a1e1129f9a4f40d9b8f
SHA256

7465a9b3bfa4728d237507bed3895d388746888eb4fea5e7e7531e4f5e5c3f86
SHA512

c54efb9c04e37ad7c55cd0738b996a0343c5b57565b143ca358f8c04c877fbe5d92391b46f37185e1297181f7abfb23d37c30daccd463f1f669cc13b1fd4bac6
SSDEEP

98304:kM3sbOZd7y4E/10/hN/Sw/vtgpCubJ+MVB0FIfn4srSt24:z3sbOZdu4c10/X/gzblAFJ4K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b1dfa74bfbbc086e2904f650b4ca330_JaffaCakes118

Files

5b1dfa74bfbbc086e2904f650b4ca330_JaffaCakes118
.exe windows:5 windows x86 arch:x86

01b224c8799d022ed6d7f056d469327d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
ExitThread
OpenJobObjectW
SetSystemTimeAdjustment
GetLocaleInfoA
GetFileSizeEx
AddConsoleAliasA
WriteConsoleA
VirtualAlloc
ReleaseSemaphore
GetSystemTime
OpenJobObjectA
GetLastError
GetSystemTimes
UnlockFile

user32

PostThreadMessageW
LockWindowUpdate
GetMenuBarInfo
DeferWindowPos
ToAsciiEx
SetCaretBlinkTime
RemoveMenu
SetParent
OpenWindowStationA
PostThreadMessageA
EnumChildWindows
RegisterUserApiHook
OemToCharBuffA
SetProcessWindowStation

Exports

Exports

EndDrhytrwpfvk
Sayvifrlrx
Bhgysmejtns
InitLfbmjephk
IsMrwpxhs
Osrvplkkl
Jhagdbwist
Lohluuqx
Cqfacqdw
Ilmderxxxtp
ReadTrjgbme
SetDxyusvj
Bghgykkfxmn
Ncffvmev
Jsnqqedg
Ecvinkjs
InitGqeuhkcog
Vtokibacl
Jqupntfgg
Pgwqhlkm

Sections

.text
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 3.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 853KB - Virtual size: 852KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ