5c1bb57868cc302a744023e80b5ff14f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5c1bb57868cc302a744023e80b5ff14f_JaffaCakes118
Size

317KB
MD5

5c1bb57868cc302a744023e80b5ff14f
SHA1

b32cb71e29a4b6fd6d1598459aef7db9503b73a6
SHA256

dfa39db411d387866089eb6bf5a9d4d789196ff1ead0c6a70ec2ed96734b4bdd
SHA512

d25b2b91cc97d9981abf94389e7f705d5ab3a8843ad311e5f0a72c39759b93670002f86035e78c83c14ebf898d0ec42b0787648114f02137dedafa53061cd91f
SSDEEP

6144:xNHxeC/4nXA13lwjbjHMGcnr6hDLCF1bzzFD5BrOSMInBOwUsD1N:xN+nX5Hrlcnr6hDLstzzYSMaBOwUsRN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5c1bb57868cc302a744023e80b5ff14f_JaffaCakes118

Files

5c1bb57868cc302a744023e80b5ff14f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dd395f829cbe801a0ff8ba41523ffcd3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAddAtomA
VirtualProtect
lstrcpyA
LocalFree
WriteProfileStringA
GlobalUnlock
HeapCreate
LoadResource
IsBadCodePtr
GetStdHandle
RaiseException
SetConsolePalette
DeleteAtom
CloseHandle
GlobalAddAtomA
GetLastError
LoadLibraryExA
GlobalFree
GetOEMCP
EnterCriticalSection
FreeConsole

user32

GetActiveWindow
GetWindowTextA
CloseWindow
IsIconic
DrawEdge
BeginPaint
GetParent
ValidateRect
AlignRects
EndPaint
GetForegroundWindow
GetWindow
ReleaseDC
GetClassInfoExA
ShowWindow
GetWindowTextLengthA
GetClassNameA
GetDC
GetFocus

mprapi

MprAdminUserOpen
MprAdminUserClose
MprAdminUserGetInfo
MprAdminUserWrite
MprAdminUserRead

linkinfo

CreateLinkInfoA

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 700KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ