5bea5d3e4e8fd5326b1bacf6af21cc6b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5bea5d3e4e8fd5326b1bacf6af21cc6b_JaffaCakes118
Size

163KB
MD5

5bea5d3e4e8fd5326b1bacf6af21cc6b
SHA1

fc2c1299876962470d2d5ea4ce03499a0ed009b6
SHA256

2ea191b78ecd2f1ebd2eda2ded5be0fffbda032acff5683021a43f8917db0a13
SHA512

7db0b1fe19a6d9d804ec3c15478ac6e4834bb867ca9c832c08169ef1ae0f24504e57fd6031cc8c18b91526dda1528328ba703c53b6ef7af43db0f245ca5e4c3d
SSDEEP

3072:0Qog6Qwbn+dgeaAFmjuCIARGCZJmBSoeElVVvCbPytMIs57n:Fsrbn+dgywRIAfHqZHlDv2pIu7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5bea5d3e4e8fd5326b1bacf6af21cc6b_JaffaCakes118

Files

5bea5d3e4e8fd5326b1bacf6af21cc6b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ca2b7f55a8f129288533dd5d3e74a877

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

GetDC
GetWindowModuleFileNameW
ReleaseDC
GetFocus
LoadIconW
DestroyWindow
SetWindowLongW
PostMessageW
PostQuitMessage
GetDlgCtrlID
IsWindow
SetWindowTextW
CreateCursor
IsDlgButtonChecked
MsgWaitForMultipleObjects

oleacc

LresultFromObject
CreateStdAccessibleObject

kernel32

WriteConsoleInputVDMA
SearchPathW
GetProcessHandleCount
MoveFileW
EnumResourceNamesA
FreeEnvironmentStringsW
GetShortPathNameW
CompareFileTime
GetFullPathNameW
SetFileTime

shell32

SHGetFolderPathW
SHFileOperationW
ShellExecuteW
CommandLineToArgvW
ShellExecuteExW

shlwapi

SHGetValueW
PathCombineW
PathAppendW
PathRemoveFileSpecW
PathFileExistsW

ole32

CoTaskMemAlloc
CoUninitialize
CoInitializeEx
CoTaskMemFree
CreateStreamOnHGlobal
CoCreateInstance
CoInitialize

comctl32

PropertySheetW

Sections

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idive
Size: 1024B - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ