5d3f4f358be738111c1ff9c53265d42d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5d3f4f358be738111c1ff9c53265d42d_JaffaCakes118
Size

370KB
MD5

5d3f4f358be738111c1ff9c53265d42d
SHA1

7fd11d088229624dc27dfbd222468fdaa0afcada
SHA256

0eff6eaaa3c95bc52054a9e10fd7369085dca13b146a741c6139fccaadefce9f
SHA512

6c59f622e2aeafca2a5084e55f87f612407a8dba8acf43d8c01bc10234947f3db2c23e91d60c743833fc64e234b7308faea8a3c3fa59eecdef473e07fb3ebb82
SSDEEP

6144:tTQtCkTZJQP4MwopG9rCJtxr25JVhtesH+IbYYQRNe7FJJQ:lQt9ZM4MjGrCJtVGVhteFYfZ8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d3f4f358be738111c1ff9c53265d42d_JaffaCakes118

Files

5d3f4f358be738111c1ff9c53265d42d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

72bbf87a98d84d743f2b2745abf1b1bb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnmapViewOfFile
LoadLibraryExW
HeapCreate
GlobalFree
SetLastError
CreateFileW
TlsGetValue
GetExitCodeProcess
GetProcessHeap
GetCurrentThreadId
GetModuleHandleA
CloseHandle
GetEnvironmentVariableA
lstrlenA
CreateProcessA
lstrcpyA
FindResourceW
GlobalUnlock
ReleaseMutex
GetStdHandle

user32

GetDC
FillRect
CreateWindowExA
CreateIcon
DrawMenuBar
CallWindowProcA
DispatchMessageA
SetFocus
IsWindow
CheckRadioButton
GetCaretPos
GetDlgItem
DrawEdge

rsaenh

CPGenKey
CPSignHash
CPDeriveKey
CPDecrypt
CPHashData

msasn1

ASN1BERDecEoid

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 424KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 343KB - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ