5d1cc655b4f81ac839a9f6ba3e8e5923_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5d1cc655b4f81ac839a9f6ba3e8e5923_JaffaCakes118
Size

58KB
MD5

5d1cc655b4f81ac839a9f6ba3e8e5923
SHA1

5e63bce12a0e7c74a34c6fcfbd915021fd3a5e4c
SHA256

76b2de19c4eeec0707ec06c2dbf1f6c0472b03a328e50e9a60255fb535442a19
SHA512

21f5a9f486ebc0e90bc92fc4f353e18033e7175865e3c7fe909b6082b369aae619743d43ad7c55a8c173c60ed9d20e5985a2bd735fe677b9b9d76422443586dc
SSDEEP

768:8qoiq85I2g9lxJEVYRPbch4LI9kp80FLlXirbpz4NlnUW2l71qaE1irEviqszlJ6:zoiGVxJEajukpfXinAn2EYRHQ3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d1cc655b4f81ac839a9f6ba3e8e5923_JaffaCakes118

Files

5d1cc655b4f81ac839a9f6ba3e8e5923_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2bed3b575b122ce7042753fe75b3b7d0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
FormatMessageA
GetLastError
SetLastError
VirtualAlloc
CloseHandle
MapViewOfFile
CreateFileMappingA
VirtualFree
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
GetModuleFileNameA
GetModuleFileNameW
SetEnvironmentVariableW
SetEnvironmentVariableA
WideCharToMultiByte
UnmapViewOfFile
lstrcpynW
GetFullPathNameW
GetFullPathNameA
HeapAlloc
GetProcessHeap
GetFileSize
ReadFile
SetFilePointer
CreateFileW
GetEnvironmentVariableW
CreateFileA
GetEnvironmentVariableA
GetVersion

user32

MessageBoxA

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.res
Size: 49KB - Virtual size: 316KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE