5e77df5da53c2f2498260db03d0e659a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5e77df5da53c2f2498260db03d0e659a_JaffaCakes118
Size

716KB
MD5

5e77df5da53c2f2498260db03d0e659a
SHA1

245317e7e6e95b68e1c576dda7af7e600ab410a2
SHA256

334aa4f53ab4a785527810d1f948e0b052e59a8f01e42680f649f51e35b39eca
SHA512

33cc37d39f192a106c02d0681d00e1bb842bd6676a7225fe46a18f79142e2e32fe6cd6471f2c3033d6ef2b6f59eddc4dbb650a4c2e3d71b56dad7ce01f10bc30
SSDEEP

12288:Hea+MbZQknFU0GLzhAli0g6+TNm6ovS+UCOjuILrAoVJAtOYr/P8Te+OkJmR9W1X:HUknF2n+AH6H/UCOj3r/ItpbPqe+9Jms

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e77df5da53c2f2498260db03d0e659a_JaffaCakes118

Files

5e77df5da53c2f2498260db03d0e659a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

39ee2be866c5d3c51cc34cfd4015ecd9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindAtomA
HeapWalk
HeapReAlloc
CompareFileTime
WaitForSingleObject
VirtualProtect
ResetEvent
InterlockedExchange
GetACP
GetTickCount
GetConsoleCP
TlsFree
GetAtomNameA
lstrlenA
LoadLibraryW
GlobalUnlock
CloseHandle
GetProfileIntA
GetVersion
SetEvent
GetModuleHandleA

user32

InsertMenuA
UpdateWindow
CopyRect
GetMenuStringA
ScrollDC
GetParent
DialogBoxParamA
InflateRect
GetScrollRange
PostMessageA
DispatchMessageA
EnableScrollBar
GetWindowTextA
GetWindowLongA
EqualRect
TranslateMessage
GetMenu
ShowWindow
SetWindowPos
LoadIconA
SetPropA
MessageBoxA
GetSubMenu
PostQuitMessage
DestroyMenu
GetKeyboardLayout
ModifyMenuA
SetSysColors
GetDlgItem

userenv

LoadUserProfileA
FreeGPOListA
GetProfileType
GetGPOListA
RefreshPolicy

apphelp

ApphelpCheckExe

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ