5fd2df192b5eb11c091bb4884c4e6b66_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5fd2df192b5eb11c091bb4884c4e6b66_JaffaCakes118
Size

384KB
MD5

5fd2df192b5eb11c091bb4884c4e6b66
SHA1

1032221579fbbe5d9748c9cce2f2f49118a92df6
SHA256

8dfb9e1aa4b96c6f3fbbd02a7bb08b1e18b0d0c1528c2f4962dced9a2b1f596b
SHA512

bc581afcc4389b8a4c5aaeffa3b73b26143962a88b6d93957f179d5bf9eb982af715ab5d045a48a8698e18cb6dc4bf2f87f8c76aa04151c744e1b44c4e0cde9c
SSDEEP

6144:F2JtYRv55G5ke9MRs0On1SIFs7Bqwtj9kJ8c0IITjZ0N7/cYL9duz4hwOUu808O4:RR5GdCs0O1BkBqwtjFc0fTjZOT59ozIe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5fd2df192b5eb11c091bb4884c4e6b66_JaffaCakes118

Files

5fd2df192b5eb11c091bb4884c4e6b66_JaffaCakes118
.exe windows:4 windows x86 arch:x86

18e34099b6d35275c7b7a79d3c4b9a5d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFullPathNameA
IsDebuggerPresent
GetConsoleCP
GlobalLock
FreeEnvironmentStringsA
CreateEventA
HeapCreate
LocalUnlock
CloseHandle
GetACP
LoadLibraryExA
DisconnectNamedPipe
GetStdHandle
LocalFree
GetModuleHandleA
CreateFileMappingA
IsBadReadPtr
GetLastError
CreateFileA
FindClose

user32

DispatchMessageA
GetDlgItem
EndDialog
PostMessageA
GetMessageA
DefWindowProcA
IsWindow
EmptyClipboard
SetFocus
GetDC
GetIconInfo
CreateDialogParamA
ScrollWindow
DrawIconEx

uxtheme

CloseThemeData
DrawThemeIcon
EnableTheming
GetThemeColor
GetThemeMetric

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ