54bec626b658359625fd157cf28b9584_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

54bec626b658359625fd157cf28b9584_JaffaCakes118
Size

253KB
MD5

54bec626b658359625fd157cf28b9584
SHA1

164443e3f55386b68727926909f59427852779c5
SHA256

d92d77f1c4df641caf724f9ac125f15abcd3005847ebf277f3c14bb03f002b41
SHA512

e241298f67ad4d26a417601a8eb4477426e29d9e084a5c7b41d9b3ca5dd3c2e1c5c49417f8e262dd49584f9c8d018f043eccff70211edb2106178a8ec367ec43
SSDEEP

3072:nUOH5HiQu0O2BOEDnwDeTn/kGUWNYXWImQ0SetWkuP+17/YpMfMrc7stXbDwL5+t:nNfu0BHDn/iHmGkuPQZMA0+YRX5R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
54bec626b658359625fd157cf28b9584_JaffaCakes118

Files

54bec626b658359625fd157cf28b9584_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fe8bc517a00c0ee85d8545519e53d8d8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcessHeap
CompareStringW
GlobalLock
IsBadWritePtr
GetProcAddress
WideCharToMultiByte
lstrlenA
InitializeCriticalSection
WaitForSingleObject

user32

GetSystemMenu
GetWindowTextW
GetSystemMetrics
DestroyWindow
GetCursorPos
BeginDeferWindowPos
SendMessageTimeoutW

gdi32

CreateBitmap

ws2_32

connect
WSAStartup
recv
shutdown
ioctlsocket
closesocket
send
select

msvcrt

wcsrchr
realloc
wcscpy

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 216KB - Virtual size: 616KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ