5daf264b3e873f8180ecd4607a63b33e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5daf264b3e873f8180ecd4607a63b33e_JaffaCakes118
Size

119KB
MD5

5daf264b3e873f8180ecd4607a63b33e
SHA1

45f6d096805ad99c3427d5dee09835bba56f2ae8
SHA256

a35b2f5ccadeb7a8e4c78a22ba40084a0f2f0e8eb9d0c2ef8cd12321f34eb947
SHA512

ca90089611388a95305f39b2b7e99295b7c8861ceb34b57807c1ffbdf40f50e925c591e5288f05da1d040e9b56ba892ce30728c14a3953a0aaf13d105e9d81cb
SSDEEP

3072:efGQRp0V9O+lCOLr1dIqo9s4P6MwpPbg3qYrL0vO:RfuO3MhSMwFDYrL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5daf264b3e873f8180ecd4607a63b33e_JaffaCakes118

Files

5daf264b3e873f8180ecd4607a63b33e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f188a558d19175303308624bd0c10947

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetModuleHandleA
FreeEnvironmentStringsW
CloseHandle
GetLastError
GetThreadLocale
GetProcAddress
FreeEnvironmentStringsA
VirtualAlloc
LoadLibraryA
GetEnvironmentStrings

user32

GetMessageA
TranslateMessage
DispatchMessageA

oleaut32

VarBoolFromDec
VarRound

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ