5f1b3f534f5daa611ba4aeed4e30f7e1_JaffaCakes118 | Triage

Sharing

General

Target

5f1b3f534f5daa611ba4aeed4e30f7e1_JaffaCakes118
Size

519KB
MD5

5f1b3f534f5daa611ba4aeed4e30f7e1
SHA1

ea74fb2369181448b80bf01f883480dbff5d2592
SHA256

bda721faed9acfd6cbf7865984e44c9ebfade6a54b2515e1acc77bfcd3cfa991
SHA512

09606ceb11f02d12583bd9d6a72b6b20ff24daffe2827293f726b193d933d3e0066ff67f486e336e3d8dc4147b1ec6775126ec2cca29c55834e93d8d4904959f
SSDEEP

12288:KBwzofwbWKnGoxmMVTj96Jr7NwDFgbA+oRrh2iFVJ8/+t+hsbWW+p9h5ZPq2h:KcW0EeSLoxVpt61dpjPqk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f1b3f534f5daa611ba4aeed4e30f7e1_JaffaCakes118

Files

5f1b3f534f5daa611ba4aeed4e30f7e1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

279e9df9776094231b4e473e939edae8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
GetSubMenu

kernel32

GetModuleHandleA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
GetModuleFileNameA
LeaveCriticalSection

ws2_32

bind

wininet

InternetCloseHandle

msvcrt

_controlfp

msvcp60

?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z

msvcirt

?get@istream@@IAEAAV1@PADHH@Z

mfc42

ord5787

gdi32

CreateFontA

advapi32

RegQueryValueExA

shell32

SHAppBarMessage

comctl32

_TrackMouseEvent

oleaut32

VariantClear

Sections

.text
Size: 14KB - Virtual size: 936KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE