b5f6368bea49958408836fd0b5310565_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b5f6368bea49958408836fd0b5310565_JaffaCakes118
Size

63KB
MD5

b5f6368bea49958408836fd0b5310565
SHA1

4f2f693217b9eb0bf11fe1f95dbc4d20c2ce448d
SHA256

35d30cb28931d4dd37060fa74d539d1c5f842492abc9a7dc77d83202c50c2c4c
SHA512

c85e3b0437be5e872faa88cbb02ef2e41c0d73b5dad671fb7f8c7d615ba438a7a0063970b0fedbaca1d3e338210561ed2fdd1ba9c21416d0dd2150e83a941afd
SSDEEP

1536:/VNCBe5SPg3OpydRAwGO2vywOO2YlwBkayqyFA37L1:db5SPByrlOawL69yqyFALh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b5f6368bea49958408836fd0b5310565_JaffaCakes118

Files

b5f6368bea49958408836fd0b5310565_JaffaCakes118
.exe windows:4 windows x86 arch:x86

98ae6977a137c0cf8f50222473beb229

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_DragShowNolock
ImageList_Draw
ImageList_DrawEx
ImageList_Remove
ImageList_Read
ImageList_Create
ImageList_GetBkColor
ImageList_Destroy
ImageList_Add
ImageList_Write

gdi32

GetObjectA
CreateCompatibleDC
CreateCompatibleBitmap
CreatePenIndirect
GetBkColor
GetTextAlign
CreateBitmap

user32

SetClipboardData
SetClassLongA
SetActiveWindow
SetCapture
OpenIcon
GetDesktopWindow
LoadBitmapA
SendMessageW
CreateMenu
GetMenu

shell32

SHGetDesktopFolder
SHGetFolderPathA

kernel32

IsBadHugeReadPtr
FindResourceA
FreeResource
LoadLibraryA
FindFirstFileA
VirtualAlloc
ExitThread
FormatMessageA
FreeLibrary
FindClose

Exports

Exports

I9VYXO3@24
CMImP
_f2sNuV4cyrd

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ