001c0b94197f1b1d346f71f8537a3c55_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

001c0b94197f1b1d346f71f8537a3c55_JaffaCakes118
Size

24KB
MD5

001c0b94197f1b1d346f71f8537a3c55
SHA1

f5269e4234d10f72e0433a811bcf69a568980704
SHA256

f2e15cc495f34da3d420f84d294b4a69402805f95bd60cf30a64ec9bd18f043b
SHA512

983885947760219ba2099a78df7b42a6ac00d4e79e54de581630533c1bbbcbd09a817a2d9ce4fee58bd2d66d523e53bcde8b65158ea860f2385342df6ca90c8d
SSDEEP

384:KBEMu/XCt1QMMMMMMMMMMMN88888QbeaNjM8z6tcoyjdf:Z/y1QMMMMMMMMMMMN88888Qhxx5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
001c0b94197f1b1d346f71f8537a3c55_JaffaCakes118

Files

001c0b94197f1b1d346f71f8537a3c55_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3e76159ac22c16c1e979e61b782c2955

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
GetCommandLineA
GetLastError
GetFileSize
LocalAlloc
GetModuleHandleA
LocalFree
CloseHandle
lstrcatA
GlobalFree
GetStdHandle
lstrlenA
GetStartupInfoA
CreateEventA
GlobalAlloc
lstrcpyA

gdi32

CreateSolidBrush
SelectObject
DeleteObject
GetPixel
CreateFontIndirectA
GetTextExtentPoint32A
GetBkColor
GetObjectA
GetDeviceCaps
SetPixel
LineTo
SetROP2
ExtTextOutA
BitBlt
GetTextMetricsA

user32

LoadIconA
PostQuitMessage
TranslateMessage
DestroyWindow
SetWindowTextA
DefWindowProcA

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ