0a4ddbe711e6350f5d867f48988485b5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0a4ddbe711e6350f5d867f48988485b5_JaffaCakes118
Size

4.2MB
MD5

0a4ddbe711e6350f5d867f48988485b5
SHA1

f20cc2615b8d75f7cafb29dffabca60f4dbdbe8f
SHA256

d95e6d3796a4d075ee0b4522912cfe56f9b0944f35aa7af46ff95b669d8bd3f7
SHA512

2d147f444775df83496a4b2ff84d641dbdf155a5f5495799fccadeea5512bcfb3679c7edbfd360b2fb5de5895a7327f2e1ec597fdc739d47284f99288e2af535
SSDEEP

98304:y9eIbo2tMWR1oHPA0nq1WfNxFMWLDlkrZXY1a3Ub3t5VAyX8ELy:y9eIboQuHP5qIjFMWkHqh8Uy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a4ddbe711e6350f5d867f48988485b5_JaffaCakes118

Files

0a4ddbe711e6350f5d867f48988485b5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

567b08f6dd3ba388bdc1ad100e1f1a84

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryA
GetProcessHeap
SetConsoleHardwareState
DeleteTimerQueueTimer
SetPriorityClass
LoadModule
ReadConsoleInputA
VirtualAlloc
CompareFileTime
GetCommandLineA
GetStdHandle
Module32First
FindFirstVolumeW
GetLocaleInfoA
ConnectNamedPipe
Process32Next
WriteConsoleInputA
WriteConsoleOutputAttribute
HeapAlloc

user32

GetWindowTextLengthA
SendIMEMessageExA
GetDlgItem
GetWindow
DrawTextA
IsServerSideWindow
CreateDesktopA
DialogBoxIndirectParamA
GetClassInfoExW
GetClipboardSequenceNumber
DeleteMenu
CharUpperBuffW
SetShellWindowEx
EnumChildWindows
FrameRect
DeregisterShellHookWindow
GetWindowContextHelpId
GetWindowLongA
ClientToScreen
SystemParametersInfoA
GetShellWindow
SetProgmanWindow
FlashWindowEx
ClipCursor
ScrollDC
RegisterClipboardFormatA
RegisterRawInputDevices
SwitchToThisWindow
ChangeDisplaySettingsExW
ChangeDisplaySettingsExA
GetMenuState

comdlg32

GetOpenFileNameA

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 3.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ