5d9fcfe4da4e729f1bdb67ae449cf829_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5d9fcfe4da4e729f1bdb67ae449cf829_JaffaCakes118
Size

636KB
MD5

5d9fcfe4da4e729f1bdb67ae449cf829
SHA1

e387f0d08f2db7f9356ee267871eb9eacb27d4d4
SHA256

96a1e769ba18dea96e31b887261ed2420cb36f37002e7b19cb6820743578c440
SHA512

7c94c8143514ef401f19979d88fc83ea7679a2eae366aa8864ab6a2b7c674408c8cce09158a15b048b49936ed77d5592172ced3b667cd63ec0db1f81b37226e0
SSDEEP

12288:sswQBI2ox0auZK248B7xIGJ3bGNacM+oz8JGuS4wLSlFd:sswAh60aiIM7x5xbMLom44wmF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d9fcfe4da4e729f1bdb67ae449cf829_JaffaCakes118

Files

5d9fcfe4da4e729f1bdb67ae449cf829_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4b4387ab789c9f83a1a867811ce13741

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleCP
GetModuleHandleA
HeapReAlloc
WaitForMultipleObjects
HeapCreate
GetVersion
SuspendThread
GetCommandLineA
GetTickCount
GetAtomNameA
GlobalUnlock
CompareFileTime
VirtualProtect
SearchPathA
SetConsoleCP
CloseHandle
InterlockedExchange
GetSystemDefaultLangID
WaitForSingleObject
lstrlenA
GetStdHandle

user32

InsertMenuA
SetWindowPos
EnableScrollBar
SetScrollInfo
CreateMenu
GetKeyState
DialogBoxParamA
FindWindowA
GetCursorInfo
DragObject
InvertRect
DispatchMessageA
MessageBoxA
SetPropA
DrawCaption
CreateIcon
GetDlgItem
CreateCursor
DestroyMenu
GetKeyboardLayout
DispatchMessageA
CopyImage
IsDialogMessage

advapi32

RegCloseKey
RegEnumKeyA
RegQueryInfoKeyA
RegEnumValueA
RegCreateKeyExA

uxtheme

GetThemeColor

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 600KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ