5ba2f28f4e2b08bb0a1e55af982c8929_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5ba2f28f4e2b08bb0a1e55af982c8929_JaffaCakes118
Size

58KB
MD5

5ba2f28f4e2b08bb0a1e55af982c8929
SHA1

a21093b551f530895325ec3c0cac0fbe7beb1a06
SHA256

66c764f72fae38846171baea2dffa1e22c9d8b2da92408019b8a948c16ebcfe1
SHA512

07a6f53e374cacd8407f12f3b567cb1f97eb9e5bd1ad308386c7ad2f560ab632f72df13e3e072771ba0099295b02ffb9654c53863ed03a7f1d3255497420e2e6
SSDEEP

1536:0/TOQK26kr8/v7Ck5BUSgeTKYy45m4OJ:qRKNvWkT9CYy4c4OJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ba2f28f4e2b08bb0a1e55af982c8929_JaffaCakes118

Files

5ba2f28f4e2b08bb0a1e55af982c8929_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cbbb3a710802e85f2306a72baf1de24e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
HeapSize
PulseEvent
FlushFileBuffers
SetLastError
GetCurrentDirectoryA
EnterCriticalSection
SetErrorMode
GetCurrentThread
TlsFree
TerminateProcess
GetUserDefaultLCID
FindFirstFileA
EnumSystemLocalesA
GetModuleHandleA
GetThreadContext
MulDiv
SetEndOfFile
lstrcpyA
SetPriorityClass

gdi32

CreateFontIndirectA
EndDoc
DeleteObject
CreateRectRgn
Ellipse
GetTextMetricsA
CreateDIBSection
GetBkColor
RectInRegion
CreateRectRgnIndirect

user32

InsertMenuA
DrawFrameControl
GetWindow
CloseClipboard
CheckRadioButton
DrawIconEx
IsDialogMessageA
CheckDlgButton
CheckMenuItem
ReleaseDC
DefMDIChildProcA

msvcrt

strtoul
_strnicmp
fseek
_ltoa
strncat
_wcslwr
_XcptFilter
_snprintf
strstr
atol

advapi32

CloseServiceHandle
RegConnectRegistryA
GetKernelObjectSecurity
RegCreateKeyA

Sections

.text
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ