b5a60da4cc1281165a2292ed9d54a19a_JaffaCakes118 | Triage

Sharing

General

Target

b5a60da4cc1281165a2292ed9d54a19a_JaffaCakes118
Size

50KB
MD5

b5a60da4cc1281165a2292ed9d54a19a
SHA1

f5401c9f5ecebb6ec99983e020c2d2f3b14dd375
SHA256

e9b26e8cd48af87c8906cbb4dcf152f264b8e86534fce10bdbd91eba5fdbbdb8
SHA512

c07c0923faff6c65732ecae06f2f0c212150913b217fba6eb1369251dc54ff0a00713a61e705cf4b16ae82256e1450f5a09315a6148095dae40a799e0c2cb819
SSDEEP

1536:NXeUvvtv1LJk4IEpjgmBlbT8ElL6cX/6hmgMeMD3j:VfHtvDIEhgWlbT8EB1Xya3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b5a60da4cc1281165a2292ed9d54a19a_JaffaCakes118

Files

b5a60da4cc1281165a2292ed9d54a19a_JaffaCakes118
.exe windows:1 windows x86 arch:x86

e272aedf04a90f02b87cde56369cbadf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetVolumeLabelW
GetConsoleAliasesW
WriteProfileSectionA
GetPrivateProfileIntA
GlobalFindAtomW
GetConsoleCommandHistoryLengthA
CreateNamedPipeW
CreateEventA
GetLongPathNameA

user32

IsCharAlphaNumericW
CharNextW
GetMessageA
LoadMenuIndirectA
GetUserObjectInformationA
TranslateAcceleratorA
DefFrameProcA
InsertMenuA
wsprintfA
GetMessageA

gdi32

EnumFontFamiliesA
AddFontResourceExW
GetGlyphOutlineA
CreateFontA
GetCharWidthFloatA
CreateFontIndirectExA

Sections

.masm
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.share
Size: 1024B - Virtual size: 796B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.share
Size: 1024B - Virtual size: 826B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ