5c510382b627196bc8f053817bd817e9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5c510382b627196bc8f053817bd817e9_JaffaCakes118
Size

25KB
MD5

5c510382b627196bc8f053817bd817e9
SHA1

09ed0aea338e5d929c67a70ba802031f5c67a13f
SHA256

ccf4c02a8f547c4b02ac530755ec820279c793ff8d76f107b1e51d60ee09c3bd
SHA512

e851ce6d3749e23a7297fc440d28c2647f58009427d4a482fe6fda5cc5199f826dd3d3ca49a0eb639f4d840c3ece4e4db27ce104b85ff2afa0ac0ddee83d7564
SSDEEP

768:FJ0Vh5ZeeLnO8vfULO4Jk+mORhORrq6lil:F2nKebPEq4NmRrq6U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5c510382b627196bc8f053817bd817e9_JaffaCakes118

Files

5c510382b627196bc8f053817bd817e9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6adcf72a042fbc88577e102c4a5632a2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFindAtomA
ConsoleMenuControl
BaseInitAppcompatCacheSupport
SetTapePosition
ReadConsoleInputW
EnumerateLocalComputerNamesW
GetFileType
EnumSystemLocalesA
GetCurrentProcessId
FindResourceW
SetComputerNameA
SetDllDirectoryA

user32

SetThreadDesktop
GetClipboardOwner
ExcludeUpdateRgn
MoveWindow
GetLastInputInfo
IsWindow
LoadCursorA
DestroyAcceleratorTable
RegisterWindowMessageA
SetDebugErrorLevel
DrawTextA
AnyPopup
UnhookWindowsHookEx

Sections

.text
Size: 22KB - Virtual size: 28KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ