b5d5a3f182f0fd5f38ceb9df78687f8d_JaffaCakes118 | Triage

Sharing

General

Target

b5d5a3f182f0fd5f38ceb9df78687f8d_JaffaCakes118
Size

33KB
MD5

b5d5a3f182f0fd5f38ceb9df78687f8d
SHA1

f7f92365e19d05c8487301ec6a882e3c78ddbac9
SHA256

2d477b478ad5495ad36d96a9f30dfe6f4748af618d2b8e68cfd9b0f4f3abbeb6
SHA512

29673469d040322acf60fc00b14ad956ceb993287f678398cc2b5cc4841999607286d4660ec0784584cb0b95e4ceba4a704c0bdf251c9b0654618c08eb1160cf
SSDEEP

768:OIETD/QKjrk2SvjVviiMerD7VWcNP1oFO:lIxrRSbVBv7VWW1oo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b5d5a3f182f0fd5f38ceb9df78687f8d_JaffaCakes118

Files

b5d5a3f182f0fd5f38ceb9df78687f8d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

32585742fac16edbab4b87b59de8024e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
InterlockedExchange
GetSystemDefaultLangID
GetStdHandle
SetConsoleCP
CloseHandle
HeapReAlloc
GetTickCount
GlobalUnlock
GetModuleHandleA
lstrlenA
LoadLibraryExA
GetAtomNameA
WaitForMultipleObjects
SuspendThread
HeapCreate
VirtualProtect
CompareFileTime
GetConsoleCP
WaitForSingleObject
GetVersion

user32

InsertMenuA
SetWindowPos
DialogBoxParamA
GetKeyboardLayout
CreateIcon
FillRect
FindWindowA
InvertRect
SetScrollInfo
EnableScrollBar
DestroyMenu
DrawCaption
CopyImage
DispatchMessageA
CreateMenu
GetKeyState
GetDlgItem
GetCursorInfo
IsDialogMessage
DragObject
SetPropA

advapi32

RegCloseKey
RegEnumKeyA
RegEnumValueA
RegQueryInfoKeyA
RegCreateKeyExA

apphelp

ApphelpCheckExe

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 744KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ