5f3a4928277664d4c42abe33f03a5702_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5f3a4928277664d4c42abe33f03a5702_JaffaCakes118
Size

108KB
MD5

5f3a4928277664d4c42abe33f03a5702
SHA1

91460b7701ce458a63f97f1eef2aaf1b27d43014
SHA256

6ca28e5fad816fb06c5ed743bfcaa5f34ea436bfac6d9db95427d6cca50b5f8c
SHA512

93f318facfa7f2826bf9c54c1e6a34cc054086a1c2ed4991d9c073e9defe8e383b271a1dc15be37eef7d44cee137962e0167a8f0da48e2057e7b258e9760ffd0
SSDEEP

768:oTcqQSenkjEmVd2OHsiiemJWDysQTVoijfziyWBgZGm/SvEtBYG:flkjrVnMfemJC6TiiH7Wk/qEn5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f3a4928277664d4c42abe33f03a5702_JaffaCakes118

Files

5f3a4928277664d4c42abe33f03a5702_JaffaCakes118
.exe windows:4 windows x86 arch:x86

df2d14aa7bc14b189a1dec7367777e79

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
GetLocaleInfoA
VirtualProtect
LockResource
GetLastError
FileTimeToLocalFileTime
EnterCriticalSection
RaiseException
Sleep
GetDriveTypeA
SetConsoleOutputCP
CloseHandle
GlobalAddAtomA
GetACP
SetErrorMode
GetStdHandle
HeapCreate
LoadLibraryExA
IsBadReadPtr
GlobalDeleteAtom
InterlockedExchange

user32

BeginPaint
ValidateRect
ReleaseDC
GetWindowTextA
IsIconic
GetParent
DrawEdge
GetCursorPos
DrawTextA
SetForegroundWindow
GetMenuItemInfoA
GetWindow
GetClassNameA
wsprintfA
GetActiveWindow
GetFocus
EndPaint
ClipCursor
ShowWindow

httpapi

HttpRemoveUrl
HttpInitialize
HttpAddUrl
HttpCreateHttpHandle
HttpTerminate

msutb

GetPopupTipbar

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE