5bfd0ef22080dacabb45909489f9e473_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5bfd0ef22080dacabb45909489f9e473_JaffaCakes118
Size

303KB
MD5

5bfd0ef22080dacabb45909489f9e473
SHA1

cdc51dda980a07d25fcf33b4ab885f1c5f04ead4
SHA256

3ea162ce38df8532fb6ecebbfa4759c902b46b19df60167e462e681242b04f69
SHA512

b5282b0f24245578cae456199a1f89a304c0ee4ca252c166c273a309ac01e8cc83fc0097d093b555b163ee91766ee2f824655a14c59faeedd9ecff66da4932f9
SSDEEP

3072:iFCHS5TtcK/3QFMB6szgpW0yFx+VGVhEtN:4US5T/g5qgTgwmEj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5bfd0ef22080dacabb45909489f9e473_JaffaCakes118

Files

5bfd0ef22080dacabb45909489f9e473_JaffaCakes118
.exe windows:4 windows x86 arch:x86

88761e6f699710f2ca73d8224079b168

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetStartupInfoA
ReleaseMutex
CreateProcessW
GetSystemTime
GetSystemTimeAsFileTime
WaitForSingleObject
DeviceIoControl
WaitForSingleObjectEx
GetStartupInfoW
VirtualProtect
GetProcAddress
LoadLibraryA
VirtualProtect
GetProfileIntW
SetLocalTime
DeviceIoControl
WriteProcessMemory
SleepEx
Sleep
CreateProcessW
ReleaseMutex
WaitForSingleObject
SleepEx
CreateProcessW
VirtualProtect

user32

RegisterWindowMessageA
PostMessageW
GetSystemMetrics
MapVirtualKeyExA
CharUpperW
RegisterClipboardFormatA
TranslateMessage
GetWindowThreadProcessId
RegisterClipboardFormatA
SetScrollInfo
MapVirtualKeyExA
RegisterClipboardFormatA
CharUpperW
DispatchMessageW
KillTimer
CharUpperW
CharUpperW
MapVirtualKeyExA
PostMessageW
RegisterWindowMessageA
CharUpperA

Sections

.text
Size: 147KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dat
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_MEM_READ

.rsrc
Size: 131KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ