5d1e434ea93a83d0be7613295e1525de_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5d1e434ea93a83d0be7613295e1525de_JaffaCakes118
Size

646KB
MD5

5d1e434ea93a83d0be7613295e1525de
SHA1

05c5f69aef350446bc66dbd63d45eb6e16c4569c
SHA256

15a74a3c73efa225627e23d2d192b41a156ede2600cc15f8af98658c6da5fe95
SHA512

91e3985a4a75b99bcbcd9270797d8f1d134551e82f1f665b8f9b04bf2cf87f4a048f644068b49ce1e825026842c2e925bbbee178d688ab66fa5769544708ab44
SSDEEP

12288:VL8u9EiWAqlVpfmlTXgE7ANCpowTBElAWZv1W09IZDtr+tsaXE1i5+5:VH6NlLfETwHYpowTBQVJ1W+IZDUuIE1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d1e434ea93a83d0be7613295e1525de_JaffaCakes118

Files

5d1e434ea93a83d0be7613295e1525de_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bad4d8f37972b986bc4428d8b5bb7a81

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LockResource
TlsGetValue
GetACP
GetCommandLineA
HeapCreate
LoadLibraryExA
GetConsoleCP
PeekConsoleInputA
WaitForSingleObject
GetUserDefaultLCID
GlobalSize
VirtualProtect
InterlockedExchange
SetLastError
GetAtomNameA
lstrlenA
GetModuleHandleA
WaitForSingleObject
ResumeThread
LocalLock
GetSystemTime

user32

GetDC
ReleaseDC
AnyPopup
EndPaint
CreateIcon
GetFocus
FrameRect
GetTitleBarInfo
GetClassNameA
GetParent
DragDetect
BeginPaint
FillRect
GetCursorPos
ShowWindow
wsprintfA
DrawTextA
SetForegroundWindow
GetWindow

ntshrui

GetLocalPathFromNetResourceA
DllCanUnloadNow
DllGetClassObject
SetFolderPermissionsForSharing
GetNetResourceFromLocalPathA

wshtcpip

WSHIoctl

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ