f5e29f3998031ff46f95bb29b01fab23_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f5e29f3998031ff46f95bb29b01fab23_JaffaCakes118
Size

786KB
MD5

f5e29f3998031ff46f95bb29b01fab23
SHA1

895ec2323cd45c509c93f1c4a2c991e66653e844
SHA256

abadecdc869db2055a8dbd2de8bc5fb8a798609960bd74f152a4f6fa316d11fe
SHA512

beaa01afe5a879c90a20ffa22e16bdb23308ddff4240f0dcffde224e37d04c8a2bf9c29d8b2b8cdd186e3b618c70a0905fe0c16846e3dc8dcea0b57ae11ed664
SSDEEP

12288:KvFZrYv8XSs839jj/bwBeulKk2hammG2vNH5RdIjMLVov4/fg6:KvFu+Sf39jj/WNQkoaDFH5RGjMLaAH1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f5e29f3998031ff46f95bb29b01fab23_JaffaCakes118

Files

f5e29f3998031ff46f95bb29b01fab23_JaffaCakes118
.exe windows:4 windows x86 arch:x86

76d4d328f5df9769d328efd53ddc173d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
PulseEvent
GetModuleHandleA
CloseHandle
LoadLibraryA
ExitThread
CreateFileA
FindResourceA
GetEnvironmentVariableA
TlsGetValue
ReleaseMutex
CreateMutexA
GetTickCount
GlobalFree
GlobalUnlock
FindClose
GetACP
SetLastError
IsBadStringPtrA
DeleteAtom

user32

CopyRect
SetFocus
GetIconInfo
CheckRadioButton
GetDlgItem
FillRect
CallWindowProcA
GetDC
IsWindow
DrawMenuBar
DispatchMessageA
DrawEdge
DefWindowProcW

msasn1

ASN1BERDecNull
ASN1BERDecCheck
ASN1BEREncBool
ASN1BEREncEoid
ASN1BERDecBool

dpnet

DirectPlay8Create

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 778KB - Virtual size: 778KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ