5fba0b3365a5584e72ec6da007403dd8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5fba0b3365a5584e72ec6da007403dd8_JaffaCakes118
Size

184KB
MD5

5fba0b3365a5584e72ec6da007403dd8
SHA1

8ab7b3c9d2b6a013db6a16d5b306427ed2fad585
SHA256

cbb2da4ed06edc555f218f86cacac535b5cca396738062ece7ba074365f9d481
SHA512

cd244badfdf1a9314062f92626cdb52e623a694e655bd8b9bbebbf34d758d7de3a05950d91a588fbacb08d6b557f159d1813f19a68df0c6ff870f59064fef67e
SSDEEP

3072:rp2qHfIKHvC9VyFt472NMs+3UQOnmUtITk+Dv/KuQ8jBueWnrfLxWfzT72G8TR:r8KPC9VWto2mqpITk+DHKuxBueifLxWQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5fba0b3365a5584e72ec6da007403dd8_JaffaCakes118

Files

5fba0b3365a5584e72ec6da007403dd8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a13912226f0478d01fc79a4674238301

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetTempPathA
GetPriorityClass
EnumTimeFormatsA
GetCommState
DeleteFileA
GetFileAttributesExA
SetFileAttributesA
GetDevicePowerState
GetPrivateProfileSectionNamesA
OpenThread
ExitProcess
ExitThread
lstrcpy
GetOEMCP
GetCommandLineA
GetProcessPriorityBoost
ReleaseMutex
ReadConsoleOutputCharacterA
InterlockedExchange
GetExitCodeThread
GetCurrentDirectoryA
lstrcat
DeleteTimerQueue
HeapDestroy
DeviceIoControl
GlobalReAlloc
FlushFileBuffers
Module32Next
DeviceIoControl
GetSystemWindowsDirectoryA
GetCommandLineA

ws2_32

recv

Sections

.itext
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 156KB - Virtual size: 809KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ