5fe97a7c808389a6679fd3163c9030fb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5fe97a7c808389a6679fd3163c9030fb_JaffaCakes118
Size

180KB
MD5

5fe97a7c808389a6679fd3163c9030fb
SHA1

905b71da7a15e6d2c60c7beaa02cb4e6dc132804
SHA256

1e09ece2d5e29ed446ad470fd4901a6280a7a473f3881b1bacef3297c65800f8
SHA512

4fc254eda685a0b4f981b3c7fd93b21a077bafde0585c639fce73b51c4587ac8780054af207ce1a5048e0f2ceef2f96865f359c96daba63d8ef9a1604d1c3e51
SSDEEP

3072:hOSITi7admddwyhzE9n+gYyloBrpzQlZTMmX7Ar73vzjaci43MGkg:0pTSadmwYE9+PUWZQfomkrD/DMGP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5fe97a7c808389a6679fd3163c9030fb_JaffaCakes118

Files

5fe97a7c808389a6679fd3163c9030fb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

93361f8c6c57c9899e28c079929db992

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
GetModuleHandleA
FlushInstructionCache
VirtualProtect
GetTickCount
GetLastError
GetProcAddress
LoadLibraryA
Sleep
LocalFree
LocalAlloc

user32

wsprintfA

Sections

<L6_@[S3
Size: 132KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

mCM=ZKdr
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

`?V yy&d
Size: 4KB - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sxEu).sB
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ