0b52eb28589055f64ce993adacad6ddb_JaffaCakes118 | Triage

Sharing

General

Target

0b52eb28589055f64ce993adacad6ddb_JaffaCakes118
Size

219KB
MD5

0b52eb28589055f64ce993adacad6ddb
SHA1

b9dd24c9aa93266d688f79af0050c8fe56631481
SHA256

2f175c46833daaeaf70399db26b4991f978c814b3225dfe8a8bf374c194a0b78
SHA512

cec1c80c61ebfcf7d86665d30a4cdb8447b04f4f838f435a0d616c3487309c9785ae24b270d751dfef6185e0d9dc35c4c55770f1c564a70da017c2e87aeada8e
SSDEEP

6144:mYWyM805Ax96qHWonKDcre2um4F6VgpOSAI4Ii2f:vWa96mWonKDpK4FOgp7N4Bk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b52eb28589055f64ce993adacad6ddb_JaffaCakes118

Files

0b52eb28589055f64ce993adacad6ddb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8bde5e23a6e78b4c3b83410c688de36a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DestroyMenu
GetMenu
GetWindowDC
DestroyIcon
DeleteMenu
DestroyCursor

kernel32

lstrcmpiA
ExitProcess
MoveFileA
VirtualAllocEx
lstrcatA
LoadLibraryA

Exports

Exports

oXD_yPd0
d0SMiE@12
_iKNeCClkAdmI@24
NW1xhhxoemv@8

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 454B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 197KB - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data
.rdata
.rsrc/0/DIALOG/TEXTFILEDLG
.rsrc/0/MANIFEST/1
.xml
.rsrc/0/RCDATA/DVCLAL
.rsrc/0/STRING/4094
.rsrc/0/STRING/4095
.rsrc/1033/BITMAP/BBABORT.bmp
.rsrc/1033/version.txt
.text