5bf635a6ed61025a0a554db31457506e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5bf635a6ed61025a0a554db31457506e_JaffaCakes118
Size

48KB
MD5

5bf635a6ed61025a0a554db31457506e
SHA1

b74c0a48b227f13c05ce1e89263426831a187fd2
SHA256

9b5c1d6d556a5d518f47949c41e8c016e8fa3b1190f4d22f97b186ba75965127
SHA512

56f3fb189e1e66f0ef2bac23da906a9f310da6397d882010f68e3911b0b156f79c06c3dd74fcb83dbede1ef9292ed5118c8cd8a66deec686662e4c80a4a034f3
SSDEEP

768:dEBxqMlbzcrpo/iAqzjp1+tCUBqY/FV0P5llU1TOcP5SWjVFw8oczl09:uGMlEG/NGLTUwY/FVcl+acP5HjZl09

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5bf635a6ed61025a0a554db31457506e_JaffaCakes118

Files

5bf635a6ed61025a0a554db31457506e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b07664993825c0e130ae0dd4f2e1226d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptCreateHash

kernel32

SetEvent

shlwapi

PathFileExistsW
PathMatchSpecW
PathRemoveFileSpecW
SHDeleteKeyA
StrCmpNIA
StrCmpNIW
StrStrW
wnsprintfA
wvnsprintfA
wvnsprintfW

user32

DrawIcon
EndDialog
ExitWindowsEx
GetClassNameA
GetCursorPos
GetDlgItem
GetIconInfo
OpenDesktopA
SetProcessWindowStation

Sections

.urat
Size: 39KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.uryvcn
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ler
Size: 5KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ