Static task: static1
Behavioral task: behavioral1
Sample: 5bb541273c9087146b8a2a1e05e3f6fc_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 5bb541273c9087146b8a2a1e05e3f6fc_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 5bb541273c9087146b8a2a1e05e3f6fc_JaffaCakes118
Size: 259KB
MD5: 5bb541273c9087146b8a2a1e05e3f6fc
SHA1: 3fe802fb505f91df7a0e28470d2d73d605a34464
SHA256: bc03969330fee285bcb579b7cc97954dd05fa580e8231b710d7bdaca6006a77f
SHA512: eeb9af8456a4340eaac14a86c5c43c5231db48b0811a9fb6625bc871b74e6bae58974e5a59f26c5c70b9efa49f3d356ddd583218624f464396af94129cc242e9
SSDEEP: 3072:S/rX9X0mMRxmcu4fxKEcY9ZuzlvOON0ZjALZlI8A7kLNMjRIlU0x6gAFk5HBUEQ9:IX9kbRUcuGtulX0ZMlI8/LoIlU0xBhE
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5bb541273c9087146b8a2a1e05e3f6fc_JaffaCakes118
Files
5bb541273c9087146b8a2a1e05e3f6fc_JaffaCakes118.exe windows:4 windows x86 arch:x86
8c876f7802cc7b5577a4bfd881f58036
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
RemoveDirectoryA
lstrlenW
GetTickCount
DeleteFileW
GetModuleHandleA
lstrcmpiA
GetCurrentProcessId
SetLastError
lstrcmpiW
GetOEMCP
lstrcmpA
GlobalFindAtomW
GetConsoleOutputCP
GetACP
GetCurrentThreadId
CopyFileA
SetCurrentDirectoryA
lstrlenA
MulDiv
VirtualAlloc
user32
GetInputState
GetMessagePos
GetDesktopWindow
CharNextA
gdi32
GetDIBColorTable
GetPaletteEntries
EndPath
MoveToEx
GetPixel
GetTextMetricsA
SetBrushOrgEx
SelectPalette
OffsetViewportOrgEx
SetMapMode
SetColorSpace
EndDoc
comctl32
InitCommonControls
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 175KB - Virtual size: 174KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 79KB - Virtual size: 78KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ