5f8266b40dfd4c8c5c78e4003678a113_JaffaCakes118 | Triage

Sharing

General

Target

5f8266b40dfd4c8c5c78e4003678a113_JaffaCakes118
Size

22KB
MD5

5f8266b40dfd4c8c5c78e4003678a113
SHA1

479c709e3b3df92fb28d3ea4e350b06aaccdf340
SHA256

4938def29a5b3ce95873d485f16bdffb8d2ad8e507fd44294391ad02dde702ac
SHA512

a2ccca96eeb8c5428b00fa357f904f5ac63369eb6a5bab59fa1b7d0f668993785847c764c4e5cdf561eac7573b3f1a05e0ae44bf453c87f901bed559736b9372
SSDEEP

384:0RzTv0qZWDY++N2LmLIN2M/6+nn3o7DqfVC/TN/l+yGDAlIJ5aNCtUL6M3j3q:+zTsqODW2SL5MCw3o7eI2ydlqLM3j3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f8266b40dfd4c8c5c78e4003678a113_JaffaCakes118

Files

5f8266b40dfd4c8c5c78e4003678a113_JaffaCakes118
.exe windows:5 windows x86 arch:x86

be94e6618f558e58ad8788db5a7a0d51

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVolumePathNamesForVolumeNameA
GetWriteWatch
VirtualAllocEx
CreateFileA
GetComPlusPackageInstallStatus
FindFirstVolumeMountPointA
VirtualQuery
ReleaseMutex
SetTimerQueueTimer
SetFilePointer
GetFileAttributesExA
ReadConsoleOutputCharacterA
OpenEventA

user32

SetCaretBlinkTime
GetMenuItemCount
DdeGetLastError
EndDialog
RegisterHotKey
GetUserObjectSecurity
GetLastActivePopup
TranslateMDISysAccel
CreateAcceleratorTableA
DdeQueryConvInfo
MessageBoxIndirectA
GetMenuCheckMarkDimensions

Exports

Exports

Utsbwlqdtv
EndDoyvqchbjt
SetFfjiuwcbdas
CloseAtqijwyi

Sections

.text
Size: 16KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ