5d38a46306368548b0c5983ad22e3271_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5d38a46306368548b0c5983ad22e3271_JaffaCakes118
Size

182KB
MD5

5d38a46306368548b0c5983ad22e3271
SHA1

2d4ed43dd9de343428c7a0cb5eda28e4ed30c487
SHA256

fa179191b620589b8198c92dff039f019ceec1b2df0b5c26a3b06d57909a20a9
SHA512

38d62f64f20bc061472cec16348034c227c46ac0b55e7527e117ab25e027c28bcc20ffd126da803fad14ac137d39951ecbf67bcd33bbae86855a1ae7077176cc
SSDEEP

3072:GFVuukTTkyouisAy56vBXAufGDOcpA70HSH/wAmAhtlzBvrZjvZN3Gllh:GbuLTxtt56v22GzA7wSfzmytlzJNj2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d38a46306368548b0c5983ad22e3271_JaffaCakes118

Files

5d38a46306368548b0c5983ad22e3271_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c52a05bb084c59c5e1c1d88f14e90ff2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalLock
GlobalMemoryStatusEx
SetVolumeLabelA
GetProfileSectionA
GetPrivateProfileStringA
GetCommandLineA
ExitProcess
GetStartupInfoA

user32

CharToOemBuffW
SetWindowContextHelpId
GetAncestor
SetWindowsHookExW
SetDlgItemTextA
GetIconInfo
GetAltTabInfoA
SetThreadDesktop
CharLowerBuffW
SetRect
GetCaretBlinkTime
OpenDesktopW
ChildWindowFromPoint
GetCaretPos
ChangeDisplaySettingsExW
DispatchMessageW
DdeCreateDataHandle
ToAscii
DdePostAdvise

shell32

DragQueryFile
SHGetNewLinkInfo
Shell_NotifyIconW
SHGetPathFromIDListW
SHBrowseForFolderW
DragAcceptFiles
StrCmpNIW
SHChangeNotify
SHAppBarMessage
OpenAs_RunDLLW
SHUpdateRecycleBinIcon
ExtractAssociatedIconA

Sections

.text
Size: 5KB - Virtual size: 811KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 173KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE