a5f769ba9fa753a778384eab4c341372_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a5f769ba9fa753a778384eab4c341372_JaffaCakes118
Size

272KB
MD5

a5f769ba9fa753a778384eab4c341372
SHA1

f955edd5073f52ba6c92fe5334e2dd556b438752
SHA256

56b840bc2a38c67d5dc17d7f24ec8160303fb84788d5126c121dcfb4407e5b5b
SHA512

7a2e2be545d8f466de485209bb9078870b1b4bbc799a47d2c1bff6c7a2c30c2b488873cfa553b9d33cdd63f1e70c915366bf8685f1458bdfea5f7a8284c0f8fe
SSDEEP

6144:qvuFt8S5F85if1ONAb2Oi5WklYcb7xjgM+SW9/aXLX:qvuY8z9xbTi5IvM+S0aXLX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a5f769ba9fa753a778384eab4c341372_JaffaCakes118

Files

a5f769ba9fa753a778384eab4c341372_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c6f5dc16e5f23bde5c30fc2b317fca00

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
GetCurrentThread
GetUserDefaultLangID
TlsFree
VirtualAlloc
TlsSetValue
FreeLibrary
GetCurrentThreadId
CreateProcessInternalA
IsDBCSLeadByte
GetACP
GetCurrentProcessId
GetModuleFileNameA
GetSystemDefaultLCID
lstrcatA
GetCommandLineA
GetOEMCP
lstrcmpA
GetLogicalDrives
GetDriveTypeW
TlsGetValue

user32

GetFocus
GetWindowTextLengthA
ReleaseDC
GetSystemMetrics
IsWindowVisible
CloseWindow
ShowWindow
GetDC
IsIconic
GetWindowLongA
BeginPaint
GetWindowDC
GetWindow
GetActiveWindow
GetWindowTextA
GetForegroundWindow
UpdateWindow
GetClassLongA
RegisterClassA

imagehlp

CheckSumMappedFile
FindDebugInfoFile
ImageNtHeader
BindImage
ImageLoad
FindFileInPath

oleacc

GetRoleTextA
LresultFromObject
DllGetClassObject
GetStateTextA

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 596KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ