f55094adaa56bbd75d659a7cdf3825a5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f55094adaa56bbd75d659a7cdf3825a5_JaffaCakes118
Size

168KB
MD5

f55094adaa56bbd75d659a7cdf3825a5
SHA1

4210e2e9873ab03d758d3efd6a41a1019d9e909f
SHA256

c1c5941553423ba7593ca1da6308af6b1f6a2c4b3e5d5fe0a864c5fee7165674
SHA512

35b889f0c02727333b5c9f17769ade1316499cfca4914bab3db1ffca49e9b4563848e72c8eb4b20e7fb267864c5121b75e77090ba130cb9a0932937f38f60c7d
SSDEEP

3072:+5hWSs2XC5haIvLeXixT8IQ02W1o0B6rUPx2WteXs0cFwbQUsJwlZcbRXf1Fb:+h5wb7eXixThQE7B6rU8Wte7cFdJwl0t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f55094adaa56bbd75d659a7cdf3825a5_JaffaCakes118

Files

f55094adaa56bbd75d659a7cdf3825a5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4f5f888360a1e808a29cf9db0ac99a4a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetStringTypeW
CompareStringA
GetNextVDMCommand
FindFirstFileW
SetThreadPriority
GetLocalTime
FreeLibrary
LocalFileTimeToFileTime
SetEnvironmentVariableW
SetCurrentDirectoryW
GetShortPathNameW
EnumResourceNamesW
FindResourceW
FindClose
RegisterWaitForSingleObject
SetErrorMode
LoadResource
FileTimeToSystemTime
FileTimeToLocalFileTime
FindNextFileW
SystemTimeToFileTime
SearchPathW

user32

RealGetWindowClassA
ValidateRgn
SetCapture
ReleaseCapture
ExcludeUpdateRgn
ValidateRect
InvalidateRgn
GetCapture
GetUpdateRgn

Sections

.text
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 1024B - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ