5e61de477a428ba89b6cc55489bbb11f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5e61de477a428ba89b6cc55489bbb11f_JaffaCakes118
Size

106KB
MD5

5e61de477a428ba89b6cc55489bbb11f
SHA1

a23706eef965ef53e1284fe5117b3e53e625d41b
SHA256

35b76e3fc1fdd6bfe0fe2dec0e0f33b414f8453b636ecc9b25fc141986e5e563
SHA512

f5e91f9dbe7bfc21a83026d6c16b5a9470898a82a84fe984b0f6486a0ef84f86498e39b9e8689cef402b2d335b7b596ee619c10cefa8c2e815a9bc2e49a84760
SSDEEP

1536:j5MPxNPJBuJ3did2F8XbofBho+nOw9xxGwLOQnXE6svqZjE52gnSaUW/zcM5WJj8:jeHkk0F8XbWg+7LOUE6sv53wWpWjXXC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e61de477a428ba89b6cc55489bbb11f_JaffaCakes118

Files

5e61de477a428ba89b6cc55489bbb11f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

764e46b4e886fb56ad221fd03be8b7a7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DdePostAdvise
CascadeWindows
ClientToScreen

msvcrt

_mbccpy
_mbctombb
_mbsdec
_pctype
_snprintf
_snwprintf

kernel32

CompareFileTime
CopyFileW
CreateThread
DefineDosDeviceW
EnumResourceTypesW
GetCommConfig
GetConsoleWindow
GetDateFormatW

Sections

.text
Size: 24KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE