f5b4315ac0557b8f499ded1fd9984307_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f5b4315ac0557b8f499ded1fd9984307_JaffaCakes118
Size

60KB
MD5

f5b4315ac0557b8f499ded1fd9984307
SHA1

39a64a81d7510a4c8695631556cd9a3f4c654892
SHA256

970680db9d907171838ec7509583183956c8e8a05150034cd18c85bdf3c43813
SHA512

506933ce2dc9bdae1331afd6c80879221a65b5ba52eb44a46f5843f635e31e7e91b511ac86349ef736dc9403f3eb0faa5e14529ca936a39206b35c982457e898
SSDEEP

1536:5bcEl/6HzK7ZEfST57Z4dRYNObFr/NHpVbtCJ:5V/mcEf45OdRYi/NHTZY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f5b4315ac0557b8f499ded1fd9984307_JaffaCakes118

Files

f5b4315ac0557b8f499ded1fd9984307_JaffaCakes118
.exe windows:5 windows x86 arch:x86

51609774e630df3589e4ba63b40f8ca8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDiskFreeSpaceExA
WritePrivateProfileStructW

user32

CharToOemA
UnregisterClassA
CreateWindowStationA

gdi32

GetCharABCWidthsA

Sections

.��
Size: 53KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.��
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.share
Size: 1024B - Virtual size: 900B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 512B - Virtual size: 314B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ