0a5275241e99a98732d889227881d733_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0a5275241e99a98732d889227881d733_JaffaCakes118
Size

816KB
MD5

0a5275241e99a98732d889227881d733
SHA1

2cd85978d006294763ff5db14d67854ed2af1eab
SHA256

d2bfc7053edf15d16f527ebe32395cfa3f781af1e936b4a18bfeeb0ea8983602
SHA512

ad449adc59f92db391b50b4482c0231fd4fba118db430341ff3cc2ea86389f38982280561aabe1209addee10ca7ca03bf58997f8a48f78a29f8053ab3f3d35c4
SSDEEP

24576:CrZUMjH/MTbb+tkxdv0lWnq7RfOenrs0:4uMjUfUMdslGq9j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a5275241e99a98732d889227881d733_JaffaCakes118

Files

0a5275241e99a98732d889227881d733_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2db65b5363f03e22ae725734f9e0aa93

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetLastError
GetCurrentDirectoryW
OpenMutexA
VirtualAlloc
GetVolumeInformationW
GetVolumePathNameA
GetLastError
MoveFileA
GetLastError
GetLastError
GetFileTime
GetLastError
LoadLibraryA
GetLastError
lstrlenA
FindResourceW

netshell

HrCreateDesktopIcon
HrRenameConnection
HrLaunchConnection
HrGetIconFromMediaType

Sections

.play
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.odata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.data
Size: 801KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE