5e8b088fb925cea803e30df92d0530bf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5e8b088fb925cea803e30df92d0530bf_JaffaCakes118
Size

184KB
MD5

5e8b088fb925cea803e30df92d0530bf
SHA1

2ec0e3bf01c9baf82e4969f0e59f5753d5c92069
SHA256

2d8b9fde146a94cee5a67af99db3dae9d4be1c4fb7e6cc7abb829707614ef1b4
SHA512

1c79c1be2c03a56eaa9a718f7f2d5b75f2dde5c60508f265d6de3f72463dbc0a478d11a74ea5d0450edc08fc7fa87bbd27aca80ac176f124b1e665e045c0045f
SSDEEP

3072:vaoTOs0VwkS4ZqCBEKlohOYRD79BOV2M6MeZddHE8Wv9S0as7Bq30vOgZ4vSjRED:vRT10x1BEOYJDhN5i7BIaOgXED

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e8b088fb925cea803e30df92d0530bf_JaffaCakes118

Files

5e8b088fb925cea803e30df92d0530bf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f096c3952a451b323423be0c2755470a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
GetEnvironmentStringsW
GetOEMCP
GetCPInfoExA
GetThreadLocale
TlsGetValue
WideCharToMultiByte
TlsSetValue
GetStdHandle
LeaveCriticalSection
GetVersionExA
GetLocaleInfoA
WriteFile
DeleteCriticalSection
GetCPInfo
UnhandledExceptionFilter
EnumResourceTypesA
EnterCriticalSection
lstrlenW
InterlockedIncrement
FreeEnvironmentStringsW
HeapSize
SetHandleCount
QueryPerformanceCounter
GetACP
FreeEnvironmentStringsA
LoadLibraryW
GetFileType
GetStartupInfoA
InitializeCriticalSection
GetLastError
GetEnvironmentStrings
RaiseException
InterlockedExchange
GetTickCount
GetCurrentProcessId

msimg32

AlphaBlend
TransparentBlt

gdi32

SelectObject
GetTextMetricsA
GetDeviceCaps
DeleteObject
GetTextExtentPointA
CreateFontIndirectA

ole32

CoGetMalloc
CoTaskMemAlloc
CoCreateInstance
StringFromGUID2
CoTaskMemFree
CoTaskMemRealloc

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ