5bec465da7cfcddc593685912f93cae8_JaffaCakes118 | Triage

Sharing

General

Target

5bec465da7cfcddc593685912f93cae8_JaffaCakes118
Size

88KB
MD5

5bec465da7cfcddc593685912f93cae8
SHA1

6c7701d20ccc8c74cdad29328829167dc04701f3
SHA256

c14d554ed3964c7d1b0e4f955bab0f160b3c743dccb858e3e01e0775293e7655
SHA512

499a174f7256a404f9f3a7f781c341f57e4ef4ebe5d2f92b92e9237587f93cfd7c17ca6f251b0f58a4c24e20dd6e5c09daceb087ff91b5301f804535666f2d3a
SSDEEP

1536:0OUyCCdVuUB24Ngwy6SogaaQg2oz+xh7z5k7WQ6C1f/I:H3CCuS24NfyogaaQdozchP57C1f/I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5bec465da7cfcddc593685912f93cae8_JaffaCakes118

Files

5bec465da7cfcddc593685912f93cae8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a09a2ef5b33fd00ebd696a091d6b20a0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
CloseHandle
DeleteCriticalSection
FindClose
GetDateFormatA
IsBadCodePtr
LoadLibraryExW
GetDiskFreeSpaceExW
TlsGetValue
GetModuleHandleA
PulseEvent
EnumResourceTypesA
Sleep
FreeConsole
IsBadReadPtr
VirtualProtect
GetCommandLineA
GetLastError
GetDriveTypeW
SetLastError

user32

CreateMenu
DialogBoxParamA
DispatchMessageA
CopyImage
GetMessageA
EnableWindow
CloseWindow
GetKeyState
GetUpdateRect
GetScrollBarInfo
DragDetect
CreateWindowExA
IsIconic

msasn1

ASN1BERDecDouble
ASN1BERDecBool
ASN1BERDecEoid
ASN1BERDecFlush
ASN1BERDecCheck

advapi32

RegCloseKey

Sections

.text
Size: 1024B - Virtual size: 712B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ