Static task
static1
Behavioral task
behavioral1
Sample
5f950b263c20bf28c37423256fb2281b_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
5f950b263c20bf28c37423256fb2281b_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
5f950b263c20bf28c37423256fb2281b_JaffaCakes118
Size
61KB
MD5
5f950b263c20bf28c37423256fb2281b
SHA1
a4cd38abe727c5840af46224983d4c443bde86a1
SHA256
11b46961c0e4f0ee22c81a72591bf0bd59843e97404f453fb15a8cb465e7475d
SHA512
14adf13ff49e1dca1e40a96019c58fc81298b1c557eee422f7cb37bdd7a97d07a04b5f9f2eec4036c9775f3b1415bb5d4dab78fd94eb401634f38e9481d6567b
SSDEEP
1536:UV8C4tI/nwsIcpuZFh9SF+5PZquVStEzu4HsOt:UT4tI/nwsIcwZX93zqLF4HsOt
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5f950b263c20bf28c37423256fb2281b_JaffaCakes118
Files
5f950b263c20bf28c37423256fb2281b_JaffaCakes118.exe windows:5 windows x86 arch:x86
d898f2a6f3126a03e24c56797752d4b2
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
GetThreadDesktop
IsCharUpperW
IsCharAlphaNumericA
SetWindowRgn
EnumDesktopWindows
SetClassLongA
ValidateRect
GetActiveWindow
ole32
CoRevokeClassObject
OleSetClipboard
IIDFromString
advapi32
RegQueryValueExA
RegCloseKey
RegOpenKeyExA
kernel32
SizeofResource
HeapDestroy
SetFileAttributesA
HeapFree
LoadResource
GetThreadContext
HeapCreate
GlobalHandle
LocalFree
GetStartupInfoA
FindResourceExW
LocalAlloc
GetCurrentThreadId
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
FreeLibrary
GetProcAddress
LoadLibraryA
Sections
.text Size: 39KB - Virtual size: 39KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ