5e982e0127bedc9fed568d3d8c46546b_JaffaCakes118 | Triage

Sharing

General

Target

5e982e0127bedc9fed568d3d8c46546b_JaffaCakes118
Size

1.2MB
MD5

5e982e0127bedc9fed568d3d8c46546b
SHA1

325b4fc9dcfbdc08dd67bbc391c1936daff2c9f3
SHA256

45ee7078e1cfd878720d68bbd65d35855e8deff718b188fccc6f6e8557639630
SHA512

a3f4a215a9bf8edfc5d01719af02245ceb03171c36b07db548306e56ef5722334a3c34e6548071df5ed1b2f8ddee7e3732b401113a154ff83c72c69e226fb23f
SSDEEP

24576:r5qQQUAaYnI4qkZqxfKaLt9GbZ4kCTD9XvjCz1l/tU7FEIG+xAMVf6y4O:bQUAQ4fZqxSUHym5TDpvjaPCxb5VCy4O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e982e0127bedc9fed568d3d8c46546b_JaffaCakes118

Files

5e982e0127bedc9fed568d3d8c46546b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

899ba20c67ea5527985cd1908841d636

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
GetDC

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
DebugBreak

gdi32

CreateHalftonePalette

oleaut32

VariantInit

Exports

Exports

@@Cdjs@Finalize
@@Cdjs@Initialize
_Form1
__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 20KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE