5b0eb453ea8485b469cb8f16a7b01e06_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5b0eb453ea8485b469cb8f16a7b01e06_JaffaCakes118
Size

365KB
MD5

5b0eb453ea8485b469cb8f16a7b01e06
SHA1

b7ba7ce8d4e10e8f23a4f5b8ecfe68de4a23622d
SHA256

9067085065b9ff198f49235342ff4c1aa82670d9d090c3cdc90687722a9715ee
SHA512

97b9d6cee4b0871565c25dee31cf69432a7b6e49bccf3a6c0604be766f0f8943d1a579602ae2f4a94e3b11076aba104411dca3f7080c55a494c202fd8ad52be8
SSDEEP

6144:VPDRMaa4hib4j8jf51Qx7O6bcLehsEwkoK/6ERdFQJdlMu6lb/01apjbV6m8lL:1RM1x4ojf51aTcK0NEQUd0op3QlL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b0eb453ea8485b469cb8f16a7b01e06_JaffaCakes118

Files

5b0eb453ea8485b469cb8f16a7b01e06_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1eeedd8dd903f22a3c465308370af54d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
GetCurrentThreadId
FindAtomW
LocalFree
GetCurrentProcessId
GetConsoleAliasW
GetDriveTypeW
ReadFile
SetEvent
CreateMailslotA
GetModuleHandleA
ResumeThread
EnterCriticalSection
GetModuleFileNameA
HeapCreate
GetFileAttributesA
GlobalFree
EnumCalendarInfoW
GetPrivateProfileStringW
SetLastError

user32

GetSysColor
GetKeyboardType
GetMenuInfo
GetCursorInfo
GetClassInfoA
SetFocus
DrawTextW
DispatchMessageA
GetClientRect
IsWindow
CallWindowProcW
DispatchMessageA
GetKeyState

asycfilt

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

msasn1

ASN1BERDecBool

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 496KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 355KB - Virtual size: 354KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ