5650e7b1aeb19044766866e5982dbaf7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5650e7b1aeb19044766866e5982dbaf7_JaffaCakes118
Size

129KB
MD5

5650e7b1aeb19044766866e5982dbaf7
SHA1

4d2b2ed83ee946eadcfff38b47c0a9f8bd55ac37
SHA256

e2267f3978b7f4ca1ea6d70865e3ba0d374a871d5eda3c5cefdbf158877e7e4b
SHA512

9aa8a21e96b4428770b03ba00644543d5bf8313a0bc0c185d3027a27a70b8d708afe5479bceda7dda3ecd434277d241ecb99df74ada2edc0e9c6ff327763ce6b
SSDEEP

3072:cB1cKkPG3maXnarfbcb0EsCwuvi460yYPHgCTmC:w2Fj037i4nfH7f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5650e7b1aeb19044766866e5982dbaf7_JaffaCakes118

Files

5650e7b1aeb19044766866e5982dbaf7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

acb0fa4e144de036990eeae9a951869f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetMenu
LoadKeyboardLayoutA
LoadIconA
GetSysColorBrush
LoadCursorA

kernel32

GetLastError
GetLocaleInfoA
GetModuleFileNameA
LoadLibraryA
ExitProcess
VirtualAllocEx
GetFullPathNameA

Exports

Exports

_7FajNBsFkIj4Xt
_O6Ltay0LTb@4
7AzyihMm@24
cR0RNtK@16
_pUx_aySM
oC6eWtap
l9_u_pvC@4
YG5Nw74r
_79f5b9B5zvlqNs@24
KqazR38CLhQmuf
Fn4MOZ1n8Ol@24

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data
.rdata
.rsrc/0/DIALOG/TEXTFILEDLG
.rsrc/0/MANIFEST/1
.xml
.rsrc/0/RCDATA/DVCLAL
.rsrc/0/STRING/4094
.rsrc/0/STRING/4095
.rsrc/1033/BITMAP/BBABORT.bmp
.rsrc/1033/version.txt
.text