e5c5ba17d9bb9a06bb1ae7e0ee487738_JaffaCakes118 | Triage

Sharing

General

Target

e5c5ba17d9bb9a06bb1ae7e0ee487738_JaffaCakes118
Size

351KB
MD5

e5c5ba17d9bb9a06bb1ae7e0ee487738
SHA1

4544d3c86ca59cb897779f0f18b7ad66165e895a
SHA256

7a193445506edfba002de1305d534512aa052417ebedff3829bf830b5289b528
SHA512

be9071b5da7608fc9683213dcf4be0877f7a8f298163d1b3d7733e20878478daf2ab7307f6dfa926c594d82f747f48285f1baa376a3e180ec627f74d559c99a7
SSDEEP

3072:HR7jbNafUsiVVCgNgWSagbJMgA7XphMc23x:HR7HY8fuYg/7GvVqc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e5c5ba17d9bb9a06bb1ae7e0ee487738_JaffaCakes118

Files

e5c5ba17d9bb9a06bb1ae7e0ee487738_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4ff51163e765e6ee4779916cb8e81da3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

PrivilegeCheck

shell32

SHAddToRecentDocs

kernel32

GetEnvironmentStringsW
GetModuleHandleW
GetEnvironmentStrings
FreeConsole
GetTimeZoneInformation
GetNamedPipeClientProcessId
GetStringScripts
GetLogicalDrives

user32

DdeConnect

setupapi

SetupDiDestroyDriverInfoList
SetupOpenInfFileA

shlwapi

StrChrNW

avifil32

AVIStreamReadFormat

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 746B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

Q6J|L
Size: 133KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

K9p
Size: 171KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ