a5b7e93e07236f51b861a186d08644e3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a5b7e93e07236f51b861a186d08644e3_JaffaCakes118
Size

91KB
MD5

a5b7e93e07236f51b861a186d08644e3
SHA1

423140f0825e20c38c7b482e33420de206b09770
SHA256

f1684fce7a49d09b37ef238489413bfd4ee9065a3db493b490ce6ac4facd6548
SHA512

c8baad652e510dacd4a67f95e7e4156c9956687a631e7454ca8a7aa652360afbc545af94332896d3a923727ecb5c89504e62d8c8fbb3da2b83a9de7f6ec6c79b
SSDEEP

1536:2M5Rn2XZHSrieJBq/+eGVbzHHJ5ez3nxOEr7mi:F5UXZHSrLRml

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a5b7e93e07236f51b861a186d08644e3_JaffaCakes118

Files

a5b7e93e07236f51b861a186d08644e3_JaffaCakes118
.exe windows:1 windows x86 arch:x86

67458554dd5e140653408b265f6ca562

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CloseHandle
CreateFileA
ExitProcess
GetCommandLineA
GetLastError
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetVersionExA
GlobalAlloc
GlobalFree
GlobalReAlloc
LoadLibraryA
MultiByteToWideChar
ReadFile
SetErrorMode
SetFilePointer
SetLastError
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
WideCharToMultiByte
WriteFile

ole32

CLSIDFromProgID
CoCreateInstance
CoInitialize
CoUninitialize
ProgIDFromCLSID

oleaut32

GetActiveObject
SafeArrayCreate
SysAllocStringByteLen
SysFreeString
SysStringByteLen
VariantClear
VariantCopy

user32

MessageBoxA

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.link
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rloc
Size: 1024B - Virtual size: 664B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ