5f42db06d891f44387f43505d1516e56_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5f42db06d891f44387f43505d1516e56_JaffaCakes118
Size

51KB
MD5

5f42db06d891f44387f43505d1516e56
SHA1

61fad14e4543097ddbbd5bdc8ffe8b795fd2ce9a
SHA256

7c83ebe54b40a03f317d2330f726637ca0d6f2522dc3ddd20d01ca2aed4c92ee
SHA512

62015fefa44af33b212e7fdb07f94b4fa8054f9815871a01f724da999b739cb046f52c70aff6ad637c1f5a3c27e7a2f66427f6d67da38e6b30fda707ca813380
SSDEEP

1536:mfyZpk2eDnH4lsbrngoDToe6ssemMvFI86WfO:mopkZMKr9ce6H5MNI86b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f42db06d891f44387f43505d1516e56_JaffaCakes118

Files

5f42db06d891f44387f43505d1516e56_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d4eafc01e26370ab7deedc48d8ec7dff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetDeviceCaps
FloodFill
PathToRegion
PtInRegion
GdiStartDocEMF
RectInRegion
PolyPatBlt
GetTextColor
GetPixelFormat

shell32

SHEmptyRecycleBinA
StrRStrA
SHFileOperation
Control_RunDLLW
SHFileOperation
SHGetDesktopFolder
RealShellExecuteExW

user32

CopyImage
ChangeMenuW
CallMsgFilterW
CreateMenu

Sections

.text
Size: 21KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE