5fd260a4e38d731c45c1df0f6e67eb0c_JaffaCakes118 | Triage

Sharing

General

Target

5fd260a4e38d731c45c1df0f6e67eb0c_JaffaCakes118
Size

13KB
MD5

5fd260a4e38d731c45c1df0f6e67eb0c
SHA1

c571035ba80c2b4f0a557b4bc000753e6c791e07
SHA256

04dde09de6e4bcab3fcbdeeece2f43797683e1e8a15ec3f1bd44836f300d7db5
SHA512

a69ba3369e062297d8b155382f686d58538879705e1a19c9f88400741f37e684bc2833cc051c8e4b6396815f72f923c6cbc831d7fdade85addb106f57e7edc2c
SSDEEP

192:SUDhIZkG7x4WcLVxT+YRQ48utLtBqt8BBG:SUDhISG7x4WGDT+YRQ48WLt+T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5fd260a4e38d731c45c1df0f6e67eb0c_JaffaCakes118

Files

5fd260a4e38d731c45c1df0f6e67eb0c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c38af9b74e3faf82152063f06ffa368d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

cygwin1

__main
abort
calloc
cygwin_internal
dll_crt0__FP11per_process
free
malloc
printf
pthread_atfork
realloc

kernel32

AddAtomA
FindAtomA
GetAtomNameA
GetModuleHandleA

user32

FindWindowA
GetWindowThreadProcessId
PostThreadMessageA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 144B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 644B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE