5c27a3c7f8816234997a18835c2a9d01_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5c27a3c7f8816234997a18835c2a9d01_JaffaCakes118
Size

116KB
MD5

5c27a3c7f8816234997a18835c2a9d01
SHA1

0520449ed8b049709caa2b83ff319be8683d34f6
SHA256

1d1d0498b1aae46fee48b434493ce9fbb23c503e366cfec2b27c5bbd9c48aff2
SHA512

efbbe32c9e533e55334cd04fa33a1e5ad6146e47f52bc776a14e7e990d495132ebe52fce4101f15a8639871246dc9d9abde45e495c17b26ea02f6eab58af1cce
SSDEEP

1536:TOpDFs3HxYo6orwbqCTe9DXSUMX1VaONpuXz/IoWwTfm/ave:TO3s3HSoBYqNbSBlVaONpgfTeee

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5c27a3c7f8816234997a18835c2a9d01_JaffaCakes118

Files

5c27a3c7f8816234997a18835c2a9d01_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4ed2a36a2d6154b6c860eda51f96d87d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LZSeek
GetFileAttributesExA
GetPrivateProfileSectionNamesW
GetConsoleCursorMode
OpenWaitableTimerA
GetCurrentProcess
GetModuleFileNameA
GetLongPathNameA
SetFirmwareEnvironmentVariableA
VirtualAlloc
VirtualQueryEx
TransmitCommChar
GetCommandLineA
ExitProcess
EnumSystemLanguageGroupsA
GetDiskFreeSpaceExA
GetConsoleCommandHistoryLengthW
LCMapStringA
ResumeThread
TerminateProcess
GetOEMCP
SetConsolePalette
ExitProcess

user32

InvalidateRgn
LockWindowUpdate
GetDCEx
CopyAcceleratorTableA
SetScrollRange
BeginPaint
CheckMenuItem
EmptyClipboard
UpdatePerUserSystemParameters
RegisterUserApiHook
GetCursor

gdi32

GetRasterizerCaps

Sections

.text
Size: 104KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.textbbs
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1004B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ