5b544d3e4a1bc2ffe0b4ef9fda92166a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5b544d3e4a1bc2ffe0b4ef9fda92166a_JaffaCakes118
Size

516KB
MD5

5b544d3e4a1bc2ffe0b4ef9fda92166a
SHA1

8f90f11e043473013e742c72955bde22d199271c
SHA256

96d35cf346524bca377d1fbb038896a36024a8b53750288b0ca531de24a7a15f
SHA512

12088dca9d61a6c51a1530cee75023f5557c1a968a04c13055d16ed5bb6eba4e21a18b29ba9c5614a72cf2c7281729a4193ea17171d37038aac6916c64357712
SSDEEP

12288:uKMkRQU6S9szfEFDP2JskvIe/kLeVRyQlCJOqayQ85fFrd:IkdXIMw6vuY4RWtayQA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b544d3e4a1bc2ffe0b4ef9fda92166a_JaffaCakes118

Files

5b544d3e4a1bc2ffe0b4ef9fda92166a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

858cc5d28c4006dc4e2374ffbc748b63

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTimeZoneInformation
SetConsoleLocalEUDC
ExitProcess
SetVolumeMountPointA
FindFirstFileExA
VirtualAlloc
CommConfigDialogA
ReleaseSemaphore
LZDone
VirtualProtectEx
GetThreadTimes
VirtualFreeEx
lstrcat
GetFileTime
GetCurrentProcess
GetTickCount
GetSystemWindowsDirectoryA
GetFileSizeEx
GetProcAddress
MoveFileA
GetSystemDefaultLCID
GetDiskFreeSpaceExA
GetThreadPriority
GetCommModemStatus
FindNextVolumeA
SetConsoleCursorInfo
WriteFile

wininet

GetUrlCacheEntryInfoW
InternetCrackUrlA
InternetQueryDataAvailable
FtpSetCurrentDirectoryW
ResumeSuspendedDownload
InternetGetConnectedStateExA
InternetUnlockRequestFile

Sections

.rtext
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 504KB - Virtual size: 527KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ