5f9ee250b6b7b25884a0eda9b1b64120_JaffaCakes118 | Triage

Sharing

General

Target

5f9ee250b6b7b25884a0eda9b1b64120_JaffaCakes118
Size

31KB
MD5

5f9ee250b6b7b25884a0eda9b1b64120
SHA1

9fc1ecb18936238ae9b8296b357737158fb9d694
SHA256

d526692d0d5604e691000f2b8b23d3a830a4c6bd3352317e4a52b9e5d038624e
SHA512

b35a6e871a0cc6196f9013655f4f38f90356253a36d8c3b59e5c7d94dde3c9aa79f893be3627185213508f65413ec2e12f0615fbd6d1a79572ee829d440701b4
SSDEEP

384:i6Oj8XXywOpbNzcyRGRDxRFIu5+mg4t481rG/uqfkqtGdo4lnxAQzD9XVmux6eK7:GoXXbOnIyURDP+ElEkFdo4hx/39X0u6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f9ee250b6b7b25884a0eda9b1b64120_JaffaCakes118

Files

5f9ee250b6b7b25884a0eda9b1b64120_JaffaCakes118
.exe windows:4 windows x86 arch:x86

76a4bd9a80798bc7bea07f59883a3e02

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetHandleCount
LCMapStringW
TerminateProcess
GetStringTypeW
lstrcpynA
lstrcpyA
LCMapStringA
SetFilePointer
GetStdHandle
GetStringTypeA
MultiByteToWideChar
GetCommandLineA
lstrcatA
GetModuleFileNameA
GetACP
CreateFileA
WriteFile
lstrcpynW
GetStartupInfoA
GetVersion
GetCPInfo
GetCurrentProcess
GetOEMCP
GetFileType

user32

LoadMenuA
DrawIconEx
CopyRect
CloseWindow
DialogBoxParamA
IsMenu
IsWindow
GetWindowTextA
InsertMenuA
GetDC
LoadCursorA
DrawIcon
CopyImage
GetFocus
CopyIcon
EndDialog
GetWindowTextLengthA
GetDlgItem
DrawTextA
GetMenu
DialogBoxParamW
GetCursor
DrawTextW
CreateIcon

comctl32

CreateMappedBitmap
MenuHelp
InitCommonControls
ImageList_Draw
ImageList_GetIconSize
ImageList_Copy
ImageList_Destroy
CreateStatusWindow
ImageList_Create
ImageList_DrawEx

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 16.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ