5b591be3ddbe9825068177a6a52aeaec_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5b591be3ddbe9825068177a6a52aeaec_JaffaCakes118
Size

37KB
MD5

5b591be3ddbe9825068177a6a52aeaec
SHA1

2a57c667623fc72faabfd08a4ba7eabb72e97e3c
SHA256

08b7f740fd4f2d522f3c7c04897bd267707208ecdde8a1bb9439cfcf7a61d3e3
SHA512

610880b761039af1e0ab885f8b3d4009d0accca39ccde7cbf1d47b51f54b0adb92f3e3c262b9a934f3aecc53ff65eb4a1b9e29e452370a3c5e4c61afbad62770
SSDEEP

768:HYY3u43in7oYsNKfDvl/5rijV1RJ+DPDvzzw8WGRhfaY9e7iG1f93:Ha4SaKbbcpG/zw8HhdeB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b591be3ddbe9825068177a6a52aeaec_JaffaCakes118

Files

5b591be3ddbe9825068177a6a52aeaec_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ac494ecff210efc365341dd987da4c02

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetLastError
VirtualProtect
GetAtomNameA
SetVolumeLabelA
FindNextFileA
CopyFileExW
SetThreadIdealProcessor

user32

GetMenuInfo
SetDeskWallpaper
PostThreadMessageW
AppendMenuA

gdi32

DdEntry37
EngCheckAbort
EngCreateDeviceSurface
EngLockSurface
GetTextCharacterExtra

Sections

.text
Size: 1024B - Virtual size: 276KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE