05a60220df7032498e6e9eaaa25320cc_JaffaCakes118 | Triage

Sharing

General

Target

05a60220df7032498e6e9eaaa25320cc_JaffaCakes118
Size

20KB
MD5

05a60220df7032498e6e9eaaa25320cc
SHA1

0ece2bbee33d934b9805f13dc912f62759e12202
SHA256

dffa9437ddb0ed9eb3f21edb057018b1e69131ed8e6c5b83b92766a38f7274dc
SHA512

aa3aeba2b8ecefe8b7491be65623dabe97c0a5f5cfd5c7c67cc582331e57a4255924aea62a79ad4dca69c2e538f915d6f73411063db3de336ccef87a9c6749be
SSDEEP

384:l5TKaYRwgzvvuwU8/5yces8U5ofy3DRMol:l5OaYugz28QceDy3DRMg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05a60220df7032498e6e9eaaa25320cc_JaffaCakes118

Files

05a60220df7032498e6e9eaaa25320cc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c69f154747a128be6d599041e1549369

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
GlobalUnlock
VirtualProtect
GetAtomNameA
GetProfileIntA
InterlockedExchange
HeapReAlloc
CloseHandle
GetModuleHandleA
GetConsoleCP
LoadLibraryA
WaitForSingleObject
FindAtomA
CompareFileTime
TlsGetValue
HeapWalk
lstrlenA
GetVersion
GetStdHandle
TlsFree
GetACP

user32

GetWindowTextA
CopyRect
GetKeyboardLayout
DestroyMenu
TranslateMessage
SetWindowPos
EqualRect
ShowWindow
GetDlgItem
CreateCaret
DispatchMessageA
GetMenuStringA
GetMenu
UpdateWindow
ModifyMenuA
SetPropA
LoadIconA
DialogBoxParamA
PostMessageA
InflateRect
GetScrollRange
PaintDesktop
InsertMenuA
MessageBoxA
EnableScrollBar
SubtractRect

msi

MsiDoActionA
MsiEnumProductsA
MsiGetMode
MsiCloseHandle
MsiEnumClientsA

ws2_32

WSAAccept

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ