5ed1cb6e270a66d593478ebfefd7213d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5ed1cb6e270a66d593478ebfefd7213d_JaffaCakes118
Size

56KB
MD5

5ed1cb6e270a66d593478ebfefd7213d
SHA1

7bfc3ed00f022b899ec080acf9910117c91fce53
SHA256

c45642a5e4616d99b1cf1c12ebaf836ac0b41572fbb013c3febadb7d8f75b2fb
SHA512

9c98a8980c3288118f565b2f6336115d57bb5f816bcdb80b26f8dea2106336992df66920ae678c911d417f0164b4852798063b64422cb3db7c7865c85e443ae5
SSDEEP

384:+Oc/9RFckigkP5hYq27Z0eoJ5KDv+Js+IvmuzcEavC+2WyR6sdmFlfBHoI9:+O75phh/27Z0LKC+TBc4WgmFVBHoI9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ed1cb6e270a66d593478ebfefd7213d_JaffaCakes118

Files

5ed1cb6e270a66d593478ebfefd7213d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

05c5bf0a13c1681dcaa167bdf06e3c3b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringW
LCMapStringA
MultiByteToWideChar
SetFilePointer
LoadLibraryA
GetStringTypeA
GetOEMCP
GetACP
GetCPInfo
FlushFileBuffers
SetStdHandle
GetProcAddress
ExitProcess
TerminateProcess
GetCurrentProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
HeapFree
GetLastError
CloseHandle
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
WriteFile
HeapAlloc
VirtualAlloc
HeapReAlloc
GetStringTypeW

user32

DefWindowProcA
MessageBoxA
DestroyWindow
PostQuitMessage
BeginPaint
EndPaint
LoadIconA
RegisterClassA
CreateWindowExA
ShowWindow
SetWindowPos
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA

gdi32

GetStockObject
TextOutA

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ