5e9a02d1b1c9b5a79ae4e83a7c8ee75c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5e9a02d1b1c9b5a79ae4e83a7c8ee75c_JaffaCakes118
Size

427KB
MD5

5e9a02d1b1c9b5a79ae4e83a7c8ee75c
SHA1

d3bcdd7a9ff670e04e3dcca435abe8ce050f90cd
SHA256

0bd47eb390c7450a52b42393354b540e97249f105b92cc1625b0df81359c4b95
SHA512

2dceb2c29f17a8dc9b66051b62b6d0074ec85a4e2f7b88dc868a88f6a7c88847fc25eb85c593c4be212a70c8ce069ca917c03683ce6caf61a0f8fcf7fa5de774
SSDEEP

6144:CcwuO3NYDsNAdnQWMAN6l5yjiqXRZtWpfvxs5kiha0Al3EsRy2LaQt:Cc7O3N50BMukyHgG51A5WQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e9a02d1b1c9b5a79ae4e83a7c8ee75c_JaffaCakes118

Files

5e9a02d1b1c9b5a79ae4e83a7c8ee75c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

042a792b5afc9d819795fcefa6634abd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExA
GetLocaleInfoA
InterlockedExchange
GetACP
GetStdHandle
VirtualProtect
SetConsoleCP
FoldStringA
GlobalFree
GetLastError
LockResource
GlobalDeleteAtom
GlobalUnlock
GlobalAddAtomA
SetErrorMode
RaiseException
EnterCriticalSection
Sleep
CloseHandle
HeapCreate
GetDriveTypeA

user32

EndPaint
GetWindowTextA
ValidateRect
ShowWindow
GetFocus
IsIconic
DrawEdge
BeginPaint
GetMenuItemInfoA
GetParent
SetForegroundWindow
GetClassNameA
ReleaseDC
GetCursorPos
ClipCursor
GetWindow
CharToOemBuffA
DrawTextA
GetActiveWindow

version

GetFileVersionInfoSizeA
VerQueryValueA
VerInstallFileA
GetFileVersionInfoA
VerFindFileA

rasadhlp

WSAttemptAutodialName

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 704KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ