5ced960f1701ac9aad53f47cfcd1d4d4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5ced960f1701ac9aad53f47cfcd1d4d4_JaffaCakes118
Size

168KB
MD5

5ced960f1701ac9aad53f47cfcd1d4d4
SHA1

009156b45fdf63a5ecd50cee40a0888e48349cbf
SHA256

88d8a42f09f12fcdfc7cc277a9d8a296873cd40532616695158a4880b53193e5
SHA512

69e07d0ed8e3970adb8c397ce1fb79f1e389229a395fa7adc7c64d13599437012965c762fb85af5c74f5be2522d0b729c3b529c365491280ff665ba17c8312f3
SSDEEP

3072:MPajLW29magexwULS45mVyjcbkU1A0Fb5uqAUIf7VWnt2hLXMnuFQb0Z+MGDWSu7:MPafW2/88F5mVtA0fuqxIfB4U5FLXl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ced960f1701ac9aad53f47cfcd1d4d4_JaffaCakes118

Files

5ced960f1701ac9aad53f47cfcd1d4d4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fd373e8248ac86745889659587026c7d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoGetMalloc
CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc
StringFromGUID2
CoTaskMemRealloc

gdi32

SelectObject
GetDeviceCaps
DeleteObject
GetTextMetricsA
GetTextExtentPointA
CreateFontIndirectA

kernel32

FreeEnvironmentStringsW
SetHandleCount
GetCPInfoExA
GetStartupInfoA
GetThreadLocale
GetFileType
GetVersionExA
MultiByteToWideChar
InitializeCriticalSection
GetCPInfo
RaiseException
GetOEMCP
InterlockedIncrement
HeapSize
EnumResourceNamesW
GetEnvironmentStrings
GetStdHandle
UnhandledExceptionFilter
GetLocaleInfoA
TlsSetValue
LeaveCriticalSection
GetACP
QueryPerformanceCounter
TlsGetValue
WriteFile
FreeEnvironmentStringsA
RaiseException
lstrlenW
GetLastError
WideCharToMultiByte
EnterCriticalSection
GetTickCount
GetEnvironmentStringsW
DeleteCriticalSection
InterlockedExchange
GetCurrentProcessId

msimg32

AlphaBlend
TransparentBlt

Sections

.text
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ