5f1d3e14a954e6c791b48f1e59765aed_JaffaCakes118 | Triage

Sharing

General

Target

5f1d3e14a954e6c791b48f1e59765aed_JaffaCakes118
Size

391KB
MD5

5f1d3e14a954e6c791b48f1e59765aed
SHA1

1aa8035b788a3a99e730ef21f3f7f8338bb9d10c
SHA256

ab4a00a49c02f5b6e34f65dc223665b4c30fe737d519639395b9f2cc91c349ff
SHA512

eee763ffe1ed0c6711239454b3665106fd2be055129a2f80ff9b24a40d2d79e4b438c5986205ed237d7146f8f6ba95fa77b9814f3ccbd12692916748a66e51a7
SSDEEP

12288:VORMbHEAJLjpFv6w2K/PkFtlVMHFWg1EOfoMzCc3Sa0n:VORMbkAJLjpFvN/ytkjEOfoMWN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f1d3e14a954e6c791b48f1e59765aed_JaffaCakes118

Files

5f1d3e14a954e6c791b48f1e59765aed_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eaf90a3bd13f8ee5d2de41344e5d0b34

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
FindAtomA
lstrlenW
ReleaseMutex
WriteFile
CreateEventW
GetCurrentThreadId
HeapCreate
GetCurrentProcessId
GetFileTime
TlsGetValue
LoadLibraryW
ReleaseMutex
GetEnvironmentVariableW
IsBadStringPtrW
LocalFree
GetPrivateProfileStringA
InitializeCriticalSection
GlobalFlags
GetDriveTypeA

user32

EndDialog
DrawStateW
CallWindowProcW
GetClassInfoA
GetSysColor
SetFocus
GetKeyboardType
CreateWindowExA
DispatchMessageA
GetSysColor
DrawTextA
GetClientRect
IsWindow

rastapi

DeviceDone
DeviceDone
DeviceDone
DeviceDone
DeviceDone

advapi32

InitializeSid

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 381KB - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ