Static task
static1
Behavioral task
behavioral1
Sample
a5cbf195c59de1dcf5bab1df754597e7_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
a5cbf195c59de1dcf5bab1df754597e7_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
a5cbf195c59de1dcf5bab1df754597e7_JaffaCakes118
Size
169KB
MD5
a5cbf195c59de1dcf5bab1df754597e7
SHA1
837efed6876fc069c0afd60f7abfe67faf92c620
SHA256
ef723724652c009262a5157274318e530cfcdcc0018c503c7d19bf0244fd3739
SHA512
e94ea114392f9139d065076fcb80822d86f0416757a41989f8d095ddf153850039198773b18fb56c234840603ce8c6c19c89a8cd8e8ffda88067594c3bc1be58
SSDEEP
3072:hvTystzwmp8wFxuw+O8lnUIpAKuMP5QSIrrHJOVtZM32ZM7qymS4ZS4qTnVJX/CO:5zxawFIp1cKZQSqrHCY2ZuqEklqTnV
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a5cbf195c59de1dcf5bab1df754597e7_JaffaCakes118
Files
a5cbf195c59de1dcf5bab1df754597e7_JaffaCakes118.exe windows:4 windows x86 arch:x86
47d147a0f1cbb5bd87c6ee399ff75a38
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msimg32
AlphaBlend
TransparentBlt
user32
GetKeyState
GetClassLongA
CharNextA
CharLowerA
advapi32
RegCreateKeyExA
RegCloseKey
RegQueryValueExA
kernel32
GetThreadPriority
LoadLibraryW
TransmitCommChar
GetProcAddress
EnumResourceNamesW
ExitProcess
FreeLibrary
LoadLibraryA
InterlockedDecrement
InterlockedIncrement
Sections
.text Size: 147KB - Virtual size: 146KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 664B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 19KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.crt Size: 512B - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ