53543cceddfa385d1aa15f362df9f1ca_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

53543cceddfa385d1aa15f362df9f1ca_JaffaCakes118
Size

304KB
MD5

53543cceddfa385d1aa15f362df9f1ca
SHA1

0c10940725a8452c481f15715a7ad724d11a126d
SHA256

c1db205f4c973ca3bf0598ebd94ec505c198ba75144b66d6c9899e2d7a57362e
SHA512

17dccb8550a849d346143797de80fee268245b8db2e4d61d49693a54462a573d0873172df39c28faec99035faf5cacc0508b8d22e7b3ef822d89771570461717
SSDEEP

6144:GBgCYlwy2RPZYp9WfxWOmJIX4hKBsLNmhd4T:GBgmbq9WfxWO24BsLNN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
53543cceddfa385d1aa15f362df9f1ca_JaffaCakes118

Files

53543cceddfa385d1aa15f362df9f1ca_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e5882cea3e01e52d3b35aefa6fe931e2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileW
VirtualAlloc
VirtualFree
FindClose
SetVolumeLabelA
CreateEventW
CreatePipe
FindClose
WriteConsoleA
GetCurrentDirectoryW
CreateMailslotW
FatalExit
GetFullPathNameW
FindClose
CreateFileMappingW
GetModuleHandleA
CreateSemaphoreW
GetStringTypeW
GetFullPathNameW
CreateFileA
SetEnvironmentVariableA
GetShortPathNameA
Sleep

mshtml

DllCanUnloadNow
DllGetClassObject
PrintHTML
ShowModalDialog

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RES
Size: 296KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avdr
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ