5d2e6a94e0ed1dd7f244a4056cd45d37_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5d2e6a94e0ed1dd7f244a4056cd45d37_JaffaCakes118
Size

175KB
MD5

5d2e6a94e0ed1dd7f244a4056cd45d37
SHA1

66d768a21b0eed9769f1bbe78cfb55bb687cdf2a
SHA256

497bc277221639cb91848aca4bc47c30ac95cbe484726a0e22ce1dc5625298a0
SHA512

53ea19e71234b45c5eacff990f5cf8afcc90a5cd0231d129a09b959c1d3b1856c32f3255c2071b475dd5efbc0580501e216811f7f12192e26596f6c6ccaebe5d
SSDEEP

3072:eTZfmSU9wCePJqG9gTpqniRMpJvZ0jayFIbTfvmH1DfPbUlQ+ALV:W7U9beJWTYniRMpJR0zcTWdPb7+A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d2e6a94e0ed1dd7f244a4056cd45d37_JaffaCakes118

Files

5d2e6a94e0ed1dd7f244a4056cd45d37_JaffaCakes118
.exe windows:4 windows x86 arch:x86

05968ae696bfe857e63bd08240b33617

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
SetLastError
GetACP
LockResource
lstrlenA
GetAtomNameA
VirtualProtect
WaitForSingleObject
GetCommandLineA
LocalLock
LoadLibraryExA
InterlockedExchange
GlobalSize
GetModuleHandleA
GetConsoleCP
PeekConsoleInputA
WaitForSingleObject
ResumeThread
TlsGetValue
GetUserDefaultLCID
GetSystemTime

user32

DragDetect
GetTitleBarInfo
SetForegroundWindow
wsprintfA
CreateIcon
GetParent
GetWindow
EndPaint
GetDC
GetCursorPos
FrameRect
ShowWindow
ReleaseDC
DrawTextA
BeginPaint
GetClassNameA
AnyPopup
FillRect
GetFocus

ntshrui

DllGetClassObject
GetNetResourceFromLocalPathA
DllCanUnloadNow
GetLocalPathFromNetResourceA
SetFolderPermissionsForSharing

wshtcpip

WSHIoctl

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 604KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ