0b5d4db220956708c67a9cd43d5431ce_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0b5d4db220956708c67a9cd43d5431ce_JaffaCakes118
Size

97KB
MD5

0b5d4db220956708c67a9cd43d5431ce
SHA1

aba64fe37e0db2ea8ba6124c4653712adc0566d7
SHA256

9a179b9fa422593f91ee4f77568185003108ee57336cf2ba0a2fb34fb795c9ad
SHA512

f570c62162e3123c916cf09972501077eeb194ead19114fc5c7b83f82fbe3be9210acb8890bd417f2f76c4a265e9a1aaf13c09eae3dbb03928a792f7888f8562
SSDEEP

3072:Ia1Tv6lQtyXPY7bYzK1fwXllUHIxNJb4PMD1UT2+q:RJilNYPYEfwXllUHIXmPMD1y2t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b5d4db220956708c67a9cd43d5431ce_JaffaCakes118

Files

0b5d4db220956708c67a9cd43d5431ce_JaffaCakes118
.exe windows:4 windows x86 arch:x86

96088f5c6bfcb6c8549d7cb61524281a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
GlobalFree
FindAtomA
VirtualAlloc
GlobalFlags
GetTapeStatus
GetUserDefaultLangID
ReleaseMutex
GetVolumePathNameA
EnterCriticalSection
LocalHandle
GetProcessHeap
ExitProcess
GetOEMCP
EnumDateFormatsA
CreateJobSet
GetProfileStringA
GetProfileIntA
CreateMailslotA
GetModuleHandleA
GlobalLock

user32

ShowWindow
CloseWindow
GetClassNameA
GetDC
GetClassInfoExA
GetWindow
ValidateRect
RegisterClassA
IsIconic
GetForegroundWindow
GetActiveWindow
BeginPaint
GetWindowTextA
DrawEdge
ReleaseDC
GetParent
GetFocus
GetWindowTextLengthA
EndPaint

shell32

SHBrowseForFolderA
SHGetMalloc
SHGetFileInfoA
SHGetFolderPathA
SHChangeNotify

userenv

GetGPOListA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 988KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ