Static task: static1
Behavioral task: behavioral1
  Sample: 5c24636da696a6e92328515fc4eab708_JaffaCakes118.exe
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: 5c24636da696a6e92328515fc4eab708_JaffaCakes118.exe
  Resource: win10v2004-20240709-en
General
Target: 5c24636da696a6e92328515fc4eab708_JaffaCakes118
Size: 267KB
MD5: 5c24636da696a6e92328515fc4eab708
SHA1: 2168e62e1532ff44ee87be829ad1ab4db399f017
SHA256: fcb477d4b0a21c6c6133c680b8ae66f30141c2e6a411a5be816cf1276bbdbc1b
SHA512: 0809c5be4fbaa7a807bb004c68ce09a3980799f03dee0e89688d0bf496555027ded38bc7416edaf1b9585da752575cdf804ebfbaa2d0e1f40f55320e6d27176d
SSDEEP: 6144:aNpA5CmQCz7o8l65tTI8KPCnbyx7MuorlQb1bT:aNpA5tQCvi5xI8KKbA7M1rab1n
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5c24636da696a6e92328515fc4eab708_JaffaCakes118
Files
5c24636da696a6e92328515fc4eab708_JaffaCakes118.exe windows:4 windows x86 arch:x86
36688c03f8023f77186487fd5e4be04c
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
  EnumUILanguagesW
  PeekConsoleInputA
  GetLastError
ntdll
  RtlLargeIntegerDivide
user32
  ScreenToClient
  MessageBoxA
  ValidateRgn
  WindowFromDC
gdi32
  EqualRgn
  PatBlt
  MoveToEx
  GetROP2
  GetNearestColor
  GetFontLanguageInfo
  GetDCBrushColor
  GetBitmapDimensionEx
  FrameRgn
  DeleteObject
  ResizePalette
  TextOutA
  SetTextColor
  SetRectRgn
  SetPolyFillMode
  SetBkMode
  RestoreDC
  PathToRegion
winfax
  FaxGetPortA
Sections
.text Size: 227KB - Virtual size: 227KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 860B
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.data Size: 27KB - Virtual size: 470KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rsrc Size: 9KB - Virtual size: 9KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.reloc Size: 1KB - Virtual size: 1KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_DISCARDABLE
  IMAGE_SCN_MEM_READ