Static task
static1
Behavioral task
behavioral1
Sample
ba5f5d30d4916d6e6bfe8cb7de4a2748_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
ba5f5d30d4916d6e6bfe8cb7de4a2748_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
ba5f5d30d4916d6e6bfe8cb7de4a2748_JaffaCakes118
Size
43KB
MD5
ba5f5d30d4916d6e6bfe8cb7de4a2748
SHA1
b62733fac4e92d98413cbbdf06bd12aaa27bbfbe
SHA256
498fd901a152f0de85945b21a752ea07768bc410f9e40f8cd5f441f635bebb8d
SHA512
e3ee65cc027b3473b41ba329ebab8f0bab3302c0204feafabc67f40e41ed6cd7ab4cef0fd4071f4c4f730a427e54bfef8327a273251d6cef24e0ce2570c4c7f9
SSDEEP
768:888hhX49ZOrShhHkc7m3xteP9kPQtl1HSpaj/x/QlCN31jQ2kC9U23:88yhUrhBm3HeP9kotl1HSpalIlCNBvh
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ba5f5d30d4916d6e6bfe8cb7de4a2748_JaffaCakes118
Files
ba5f5d30d4916d6e6bfe8cb7de4a2748_JaffaCakes118.exe windows:5 windows x86 arch:x86
b1b16397d3a25033e36c780c3667854b
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
HeapFree
CreateThread
ReleaseMutex
lstrcpynW
FindClose
CreateFileMappingW
CloseHandle
EnterCriticalSection
MoveFileExW
DisconnectNamedPipe
FlushFileBuffers
FindFirstFileW
GetCurrentThread
CreateProcessW
SetLastError
lstrcmpiA
GetDriveTypeW
CreateMutexW
SetEndOfFile
GetModuleHandleA
SetEvent
OpenProcess
HeapAlloc
GlobalLock
GetCommandLineA
CreateEventW
GetSystemTime
MultiByteToWideChar
ExpandEnvironmentStringsW
SetFileAttributesW
user32
GetKeyboardState
DrawIcon
GetDlgItemTextW
GetMessageW
LoadCursorW
GetDlgItem
GetWindowLongW
Sections
.exijah Size: 35KB - Virtual size: 54KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tozep Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.xgpyl Size: 4KB - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ