5776f4ba1029065a93ad25331872db28_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5776f4ba1029065a93ad25331872db28_JaffaCakes118
Size

304KB
MD5

5776f4ba1029065a93ad25331872db28
SHA1

191c6b7d0c109482026751e531e0650cc9284633
SHA256

e14a26c7c017479b36cce15fbe78435a0aa6993084c7f2c70f820e1e3f4dd996
SHA512

cc1a9b59cf33dac9bda1b57578c6b2cad5e9c19c342db89e252eccf700a1fc3c128902fbb24344296805cd131790b6e2eb89574d42ed38dc852386a81f0142bc
SSDEEP

6144:dduuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuun9bTKHms6OsL4/UXDndZ7dDMWnfiwt:dN9HKGROsL4/y7PNnf9QXxVoH/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5776f4ba1029065a93ad25331872db28_JaffaCakes118

Files

5776f4ba1029065a93ad25331872db28_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dd22e0d129244c3a97a10092a42d140d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetExitCodeProcess
LocalFree
FindAtomW
GetDriveTypeA
GetComputerNameA
GetTickCount
lstrlenA
FindVolumeClose
ReadFile
GetPrivateProfileIntA
GetModuleHandleW
CloseHandle
GetFileAttributesW
ExitThread
GetLocalTime
FreeConsole
GlobalFree
CreateFileA
TlsGetValue

user32

DestroyCaret
GetClassInfoA
EndDialog
GetClientRect
CreateWindowExA
CloseWindow
DispatchMessageA
DrawStateA
FillRect
GetDlgItem
GetCaretPos
GetMenu
CallWindowProcA

clbcatq

ComPlusMigrate
ComPlusMigrate
ComPlusMigrate
ComPlusMigrate
DllGetClassObject

gpedit

DllGetClassObject

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 295KB - Virtual size: 294KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ