fe5f4567878c45b6149a4568dca4efb7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fe5f4567878c45b6149a4568dca4efb7_JaffaCakes118
Size

289KB
MD5

fe5f4567878c45b6149a4568dca4efb7
SHA1

63b1407a5f9b75c431b2e377385f48a11f41e178
SHA256

eb40ed1fc212f77849fb343bb47d5cb1383ac02e22c8240011e8044735833c0d
SHA512

c12918f48b341baf7e70488942e975ace6054e73500e1e56b91d762d5953a8b2c901b448266ceff46301e1dc060318e509136a919c98d915fe4458e0f6f74d35
SSDEEP

6144:V0hzwogg5bqrs1aDIsTgm+NSvaYaGyzr/p5/qibYMB:vAdAIsB+NO3aGyXhVHRB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe5f4567878c45b6149a4568dca4efb7_JaffaCakes118

Files

fe5f4567878c45b6149a4568dca4efb7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1243f8911183e07b432a79610aaffbee

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateEventA
CreateThread
EnterCriticalSection
ExitThread
FindFirstFileA
FreeLibrary
GetCurrentThread
GetCurrentThreadId
GetDateFormatA
GetLocaleInfoA
GetPrivateProfileStringA
GetProcAddress
GetTickCount
GetWindowsDirectoryA
GlobalAlloc
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LocalReAlloc
SetEvent
Sleep
WaitForSingleObject
WriteConsoleA
lstrcatA
lstrcmpiA
lstrlenA

user32

wsprintfA
CascadeWindows
CreateWindowExW
GetMenuState
GetSubMenu
GetSystemMenu
IsIconic
IsMenu
IsRectEmpty
LoadBitmapW
LoadMenuW
PtInRect
RegisterHotKey
SendMessageTimeoutW
TranslateMessage

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 274KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ