f5f18187a859d996f91d7d46368991fa_JaffaCakes118 | Triage

Sharing

General

Target

f5f18187a859d996f91d7d46368991fa_JaffaCakes118
Size

312KB
MD5

f5f18187a859d996f91d7d46368991fa
SHA1

6ad7604744bdd1a6b44bc46f0afb3f9bbbb3d360
SHA256

7656853cfe2448af735cc7227084572824b37200652b45647d17578604022e33
SHA512

d62923044d9a8bf977417ea84f6f8e55286706f79908534bd6995b50f550e3d7722c7255f44f6070ee2393bcdc5ee7fd53c68587b82e5826705379d4de20564f
SSDEEP

6144:iwImy7wdguv9AzpMyEtMnDsNIRkHLYa41SPDBiTdgv:igysdX6yttMANIRVa41IBiT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f5f18187a859d996f91d7d46368991fa_JaffaCakes118

Files

f5f18187a859d996f91d7d46368991fa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9f90493cf5135f003e8df270247268ad

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CompareStringA
CreateThread
DeleteFileA
FindClose
FindFirstFileA
GetCommandLineA
GetComputerNameA
GetCurrentThreadId
GetModuleFileNameA
GetProcessHeap
GetProfileStringA
GlobalAlloc
LeaveCriticalSection
LoadLibraryA
LocalUnlock
MultiByteToWideChar
SetCurrentDirectoryA
SetErrorMode
SetEvent
SetLastError
Sleep
WaitForSingleObject
WriteConsoleA
lstrlenA

user32

EqualRect
FindWindowW
GetParent
GetShellWindow
InsertMenuItemW
InvalidateRect
IsRectEmpty
IsWindowEnabled
LoadStringW
MessageBeep
SetCapture
SetScrollInfo
TranslateMessage

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 296KB - Virtual size: 299KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ