5ea260cff5cf23be2fd07486481bb4ab_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5ea260cff5cf23be2fd07486481bb4ab_JaffaCakes118
Size

252KB
MD5

5ea260cff5cf23be2fd07486481bb4ab
SHA1

c4162559bfa077008a6327a6bf7380fc9aa899cf
SHA256

1e16133123759ca17befa609b4f2d52b453fe148143d77df6559bd28434523ed
SHA512

3be1f6204fcf1ac063d83be920234d8a3b55a4522dec9fc4b0dd19f85e69b0a9f9a06084369a986fab87a5e9df5c2d3386c184cd1d9448c3f3f99c934eb19f05
SSDEEP

3072:Or5jYLRwr356ahgecSnuv3jkykxsyb+V62q/R/r8cUdyUArSWXhl66CIj/YSFvn5:iYLqr352eMP0x3Gq/ucFWWKeLYS8po7r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ea260cff5cf23be2fd07486481bb4ab_JaffaCakes118

Files

5ea260cff5cf23be2fd07486481bb4ab_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eef10da6b91bd58baad8be1d47882b33

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
IsDBCSLeadByte
GetVolumeInformationA
CreateMutexA
GetStdHandle
GlobalFindAtomA
GetProcessHeap
CompareStringA
TlsFree
VirtualAlloc
GetThreadLocale
GetPriorityClass
CreatePipe
GetExitCodeThread
GetOEMCP
CreateThread
GetUserDefaultLangID
SetEvent
GetConsoleCP
TlsGetValue
ReleaseMutex

user32

GetWindowTextLengthA
GetClassInfoExA
GetWindowTextA
GetClassNameA
InvalidateRect
GetActiveWindow
RegisterClassA
ReleaseDC
IsWindowVisible
CloseWindow
GetFocus
ValidateRect
IsIconic
ReleaseDC
GetDC
GetSystemMetrics
GetWindow
GetForegroundWindow
ShowWindow

shell32

SHGetFolderPathA
SHGetFileInfoA
SHBrowseForFolderA
SHChangeNotify
SHCreateShellItem

ntdsapi

DsBindA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 904KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ