5f0efc706b7d9ba6acb835b20328e9fb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5f0efc706b7d9ba6acb835b20328e9fb_JaffaCakes118
Size

54KB
MD5

5f0efc706b7d9ba6acb835b20328e9fb
SHA1

500da17dffb220a0a11b7bca7b5ce7b60d4d8964
SHA256

652458d9db58e92b689ccc9a8859d91c218e468359d15324a7c9a9e4903443ca
SHA512

a734f74f816f0c60c06bc9b1fd8abd8a79d8c5c6998e14a4c2a7a1a65872a066fd6a189bf823b20071a205a72e6b58732c0c8a87feb14fa90219b84ba3bede49
SSDEEP

768:Zd4x/baENd3NXvyk+8h5kTdQrPXAVVdfLTAmFVfzJWhKxVkWCTP+WOo3j1DXjn/P:ZdQbjNd3NXvXtkr51HRCiWOo3j1DL/e8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f0efc706b7d9ba6acb835b20328e9fb_JaffaCakes118

Files

5f0efc706b7d9ba6acb835b20328e9fb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

383f4b8e09996293cfe1d55b6fb78cb9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsGetValue
GetConsoleCP
IsBadReadPtr
FreeEnvironmentStringsA
CreateEventA
CreateFileMappingA
WaitForSingleObject
LocalFree
LocalUnlock
IsDebuggerPresent
GetModuleHandleA
CreateFileA
HeapCreate
GetLastError
FindClose
GetStdHandle
LoadLibraryExA
LocalLock
GetACP
CloseHandle

user32

DefWindowProcA
EmptyClipboard
SetFocus
GetDlgItem
DispatchMessageA
GetIconInfo
PostMessageA
GetMessageA
ScrollWindow
IsWindow
CreateDialogParamA
GetDC
EndDialog
DrawIconEx

msasn1

ASN1BEREncLength
ASN1BERDecCheck
ASN1BERDecEoid
ASN1BERDecBool
ASN1BEREncFlush

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ