5d3662324b22ae357ae0970969391b53_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5d3662324b22ae357ae0970969391b53_JaffaCakes118
Size

41KB
MD5

5d3662324b22ae357ae0970969391b53
SHA1

1fd27f2e74e9d900bf1fe651ff0f7ac50f77d289
SHA256

a795d7264089020f052d5387d9bdbd5cbceb54fa88f14ac1fa4728d18a658188
SHA512

2637c6f0a0f026e428d624dc860e5d5e7817c1e5cde3fb4224f7c1993976817b39f72b835c18c698e1d9fa32ff44070504d5cdb79a17b60bea483056da85bb49
SSDEEP

768:sobYAhUu/S/myO7lThgNApvs3S5JkFGx/ho4eyoXhjVbxLSt+kf4:slh8SzchgNMUi5JkUxJXEb0tRf4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d3662324b22ae357ae0970969391b53_JaffaCakes118

Files

5d3662324b22ae357ae0970969391b53_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fce91bbcd24ac4991acfc3283f9470d2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
GetDriveTypeA
LoadLibraryExA
FoldStringA
GetLastError
SetConsoleOutputCP
EnterCriticalSection
SetErrorMode
GetACP
LockResource
GlobalUnlock
GetStdHandle
InterlockedExchange
VirtualProtect
GlobalDeleteAtom
GlobalAddAtomA
CloseHandle
GetLocaleInfoA
RaiseException
Sleep
HeapCreate

user32

IsIconic
GetClassNameA
ReleaseDC
GetActiveWindow
ShowWindow
GetWindowTextA
EndPaint
ClipCursor
GetWindow
SetForegroundWindow
CharToOemBuffA
DrawTextA
GetParent
BeginPaint
GetCursorPos
ValidateRect
DrawEdge
GetFocus
GetMenuItemInfoA

version

VerInstallFileA
VerFindFileA
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

rasadhlp

WSAttemptAutodialName

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ