5fe610a73df4f8e0d55053e3a2fa0bbb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5fe610a73df4f8e0d55053e3a2fa0bbb_JaffaCakes118
Size

241KB
MD5

5fe610a73df4f8e0d55053e3a2fa0bbb
SHA1

820acbb3ae28717eabfe725633fad68cf62b1033
SHA256

ebffe88a36ac913c6a3346e3044f3df9d567c3c6eb0eb3538e39d6fa02540cd7
SHA512

470ef5bac04258a2180891277b91ef3cf0113353f25b22d9fd304f530a2ee17a533d96e9159ae3344c489f2923b8ae2b2cf54aa5282c048d7c88fd9c1d153ca2
SSDEEP

6144:ZmSM4Jg5oOGNYjTReDWJ3+JVtztzJL8/3sithMgdHuvDGy7AD:wSLb6eDWJ3+JztzhYthTd2GVD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5fe610a73df4f8e0d55053e3a2fa0bbb_JaffaCakes118

Files

5fe610a73df4f8e0d55053e3a2fa0bbb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ee03b2f14151358372bc4546cdf1563e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
LockResource
InterlockedExchange
EnterCriticalSection
SetErrorMode
GlobalDeleteAtom
GetLastError
GlobalUnlock
GetDriveTypeA
GetACP
GlobalFree
RaiseException
SetConsoleCP
FoldStringA
GetStdHandle
GetLocaleInfoA
LoadLibraryExA
VirtualProtect
Sleep
HeapCreate
GlobalAddAtomA

user32

GetCursorPos
GetFocus
DrawEdge
GetMenuItemInfoA
GetClassNameA
SetForegroundWindow
GetActiveWindow
IsIconic
GetWindowTextA
CharToOemA
GetWindow
ClipCursor
BeginPaint
GetParent
DrawTextA
ShowWindow
ReleaseDC
ValidateRect
EndPaint

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
VerLanguageNameA
VerFindFileA

rasadhlp

WSAttemptAutodialName

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 596KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ