5ba6fef5399cfe53656012d64306b597_JaffaCakes118 | Triage

Sharing

General

Target

5ba6fef5399cfe53656012d64306b597_JaffaCakes118
Size

396KB
MD5

5ba6fef5399cfe53656012d64306b597
SHA1

3e13d72dc7c66c9ca3b9bd0ec139e48dbb10b40d
SHA256

2ddec15febf58f823dc37913bca85da4b11a81a6ce7f256aba29a15bfdc79695
SHA512

a55ae4fbe368e713dc50528abb2a7c2c7f4e144933ba307e62ddebaafc23eae8918196a2ce99155d44d630ac48b68bb74273e20283efcea8101c78008d2a58a3
SSDEEP

6144:cpBQGk2gTP4DYqyj7dDE71fqmBSqQ3sjaBkYRMro5kfd1mOcsZnMTT3EApm5zj8O:cpRk2gLKyjm758q8p8usZMf3Nmpj9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ba6fef5399cfe53656012d64306b597_JaffaCakes118

Files

5ba6fef5399cfe53656012d64306b597_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d2b7decb10ede647fef898aec6ff8bf8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

ExitProcess
RaiseException
GetStdHandle
GetModuleFileNameA
QueryPerformanceFrequency
LZInit
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
InterlockedIncrement
SetHandleCount
GetFileType
GetStartupInfoA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree

user32

SendMessageW
DestroyWindow
SetDlgItemTextW
EndDialog
GetDlgItem
GetSysColor
GetWindowRect
GetClientRect
ScreenToClient
GetSubMenu
EnableMenuItem
ClientToScreen
TrackPopupMenuEx
DestroyMenu
EnableWindow
GetWindowPlacement
ReleaseCapture
IsWindowVisible
PtInRect

odbc32

SQLGetTypeInfoA

Sections

.text
Size: 253KB - Virtual size: 253KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 133KB - Virtual size: 450KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ