5ff5eb8006ebf284d99726063d67ac1d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5ff5eb8006ebf284d99726063d67ac1d_JaffaCakes118
Size

281KB
MD5

5ff5eb8006ebf284d99726063d67ac1d
SHA1

82a93b82a0cca417a9b995e2898f49a787d2c9ef
SHA256

56a096867836d690fe84199e6708f4de8b430c71727eb830cc191a018de0008c
SHA512

e046f63f2ff07bde0473231a1f99d16fdb3a67b00178b61120d5969f4aab8be3aa60e69f699dafd6160e2bb0a8aee95bdffcfaeb5766f1153146b197d7a0857e
SSDEEP

6144:nZJJE817p/nV2i7ekAEHE0+9R4hixuOLCWsJaG+GOn/UbKFeB:n/u0db6h8Ed9ahi3sabn/UbX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ff5eb8006ebf284d99726063d67ac1d_JaffaCakes118

Files

5ff5eb8006ebf284d99726063d67ac1d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

011b4e9d41aed6b8152f9d5d171d2b8f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddAtomA
CloseHandle
VirtualProtect
LoadLibraryW
GetACP
GetSystemTime
TlsFree
GetVersion
ExitProcess
PulseEvent
GetBinaryTypeA
GetLocalTime
FreeConsole
GetModuleHandleA
GetTickCount
GlobalFlags
SetEvent
FindResourceExA
InterlockedExchange
HeapReAlloc
lstrlenA

user32

EnableScrollBar
PostMessageA
GetSubMenu
GetMenuStringA
TranslateMessage
GetWindowLongA
ScrollDC
ModifyMenuA
SetSysColors
DestroyMenu
CopyRect
GetDlgItem
LoadIconA
InsertMenuA
SetWindowPos
GetParent
DispatchMessageA
DialogBoxParamA
SetPropA
MessageBoxA
EqualRect
GetKeyboardLayout
UpdateWindow
ShowWindow
PostQuitMessage
GetMenu
InflateRect
GetWindowTextA
GetScrollRange

shlwapi

UrlCombineA
StrToIntExA
StrToIntA
UrlHashA
StrTrimA

clbcatq

CoRegCleanup

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 640KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ