5c6c05ab9ed16a0e419b50f2c4007da5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5c6c05ab9ed16a0e419b50f2c4007da5_JaffaCakes118
Size

340KB
MD5

5c6c05ab9ed16a0e419b50f2c4007da5
SHA1

6e1d2bdfb69d24572df56091d6ba9e0435d7adf5
SHA256

3047adb8d7feadd28649d8620631c29f523c804117bf9963117d9238b9f8b867
SHA512

095e692c3760590a58a963956c361b2357cb2ed1b731c478a1b51711bd12b93f1d4628a69d6afb2d6c3fdf8a12a2256d2e5dc110841f53e97eff7abf15b16b91
SSDEEP

6144:8psNNh23n6byKjlaS+3hqalXatPYBOxA7G/mzmmnE:1/hmnsZj4S+w0XcFq7G/LmE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5c6c05ab9ed16a0e419b50f2c4007da5_JaffaCakes118

Files

5c6c05ab9ed16a0e419b50f2c4007da5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

54900843ad27b74d7dbbf8af17540022

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenW
GetFullPathNameA
CreateFileA
IsDebuggerPresent
FindClose
CreateEventA
GlobalLock
IsBadReadPtr
GetModuleHandleA
LocalFree
GetConsoleCP
HeapCreate
CreateFileMappingA
LoadLibraryExA
CloseHandle
FreeEnvironmentStringsA
GetACP
GetLastError
LocalUnlock
GetStdHandle

user32

SetFocus
GetDlgItemTextA
GetDlgItem
IsWindow
GetMessageA
CheckMenuItem
PostMessageA
GetDC
DispatchMessageA
EndDialog
GetIconInfo
RedrawWindow
ScrollWindow
DrawIconEx

uxtheme

GetThemeColor
EnableTheming
DrawThemeIcon
GetThemeMetric
CloseThemeData

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ