0ab268ec1a1deb748c60b134c52a196a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0ab268ec1a1deb748c60b134c52a196a_JaffaCakes118
Size

28KB
MD5

0ab268ec1a1deb748c60b134c52a196a
SHA1

21375288b11d59ca9e04de7cb7d37c6a03d32d9f
SHA256

186bbe4261578f8a067600dc849002c1083707ee0e5e1aa8eece9e902adc144a
SHA512

0ef3a3d784d1fea17b9edbbe3a515bff26b36478f341c6e05a70e83a6065ede64177d7aeb585b50c2c6fd21d1bb54a99ad48391c1fc4adb6a37fe93f90f47609
SSDEEP

384:Oouv9ypuAsZgn4YYgDHl2cQcwu73DpzwGWdY1Rh1JJp8z34knaTtKhQTIWw4gXKZ:OQrIgDHdrJ/Rh1n6z34+as6TeBKloq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ab268ec1a1deb748c60b134c52a196a_JaffaCakes118

Files

0ab268ec1a1deb748c60b134c52a196a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

87bef8b1de82b3e0fb0f93dec6a03352

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
GetEnvironmentVariableA
IsValidLocale
GetProcAddress
GetFileSize
WriteFile
FreeLibrary
HeapAlloc
GetProcessHeap
HeapFree
GetConsoleCP
GetTickCount

ole32

OleUninitialize

winmm

timeKillEvent

shlwapi

SHDeleteKeyA

user32

wsprintfA

advapi32

RegCloseKey

msvcrt

memcpy
free

netapi32

NetUserGetInfo

version

GetFileVersionInfoA

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 370B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ