53e0971ae0dbba1be1300349221d13c3_JaffaCakes118 | Triage

Sharing

General

Target

53e0971ae0dbba1be1300349221d13c3_JaffaCakes118
Size

295KB
MD5

53e0971ae0dbba1be1300349221d13c3
SHA1

2e791a8bd100c4111e8ca01c400091a59fade8f1
SHA256

957ef45e2842bf093ed384103da30db57bc24f1e53483a820d3d8d767ce433c2
SHA512

1937ac7b6504e5ea7493463d5a02a0a17b74d5a4a9dbf9c6d55550b8f09bd0d6cee81fd1eb0d67f0a66a52f44abc055e197bcb98e6fed9a780b323ef717c4ab2
SSDEEP

6144:PR4AjqURxCVgeg/pH1+2t861qKpvIDsAtfYGXA8/UBKq:J4ADZnv+S86cKpvI4AtfVXAyq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
53e0971ae0dbba1be1300349221d13c3_JaffaCakes118

Files

53e0971ae0dbba1be1300349221d13c3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ee8af01cfdbb5509295505493957f5dd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
DeleteFileA
FindResourceExA
GetEnvironmentVariableW
HeapCreate
CreateSemaphoreW
SuspendThread
GetVersion
CloseHandle
ExitProcess
WriteConsoleA
lstrlenW
HeapDestroy
ReleaseMutex
FindClose
OpenEventA
CloseHandle
GetModuleHandleA
GetCommandLineW
SetEvent

user32

DispatchMessageA
GetWindowLongA
PeekMessageA
GetKeyState
SetFocus
IsZoomed
DispatchMessageA
CallWindowProcW
DrawTextW
FindWindowA
GetClassInfoA
CreateIcon
GetSysColor

docprop

DllGetClassObject
DllGetClassObject
DllGetClassObject
DllGetClassObject

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 424KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 287KB - Virtual size: 286KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ