0a80b093148257f2396e3787703d28f7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0a80b093148257f2396e3787703d28f7_JaffaCakes118
Size

185KB
MD5

0a80b093148257f2396e3787703d28f7
SHA1

4932367065762755656ca1cf00a4b09aae68b412
SHA256

9590f789219088f805380b88beb688cb6c448a3f9f53b2a30eeb536a9e030daf
SHA512

c110f45e08c5b513ba4b7e10fdbcb6096c17775b9739b314e75887c2559e4d23c0798ba7d4bff9f3f005eb4b5f21435b690e30206f7283f8ed330d2d474cf953
SSDEEP

3072:LkKdTG+4WS6M3GHOQfKPov6SikUQeD1txXpxZi4:L3caQoitkUvD1t5pxY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a80b093148257f2396e3787703d28f7_JaffaCakes118

Files

0a80b093148257f2396e3787703d28f7_JaffaCakes118
.exe windows:1 windows x86 arch:x86

7d7b4547cde476b05abaf6609e2dae17

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
QueryPerformanceCounter
ExitProcess
GetLastError
SetStdHandle
LocalAlloc
GetModuleHandleA
QueryPerformanceFrequency
DeviceIoControl
GetCurrentDirectoryA
LocalFree
EnterCriticalSection

msvcrt

tanh
_cgets
_vscwprintf
_acmdln
__p__commode
_wremove
_exit
_safe_fprem
_adjust_fdiv
_initterm
mbtowc
qsort
__getmainargs
rewind
_gcvt
memcpy
_XcptFilter
_except_handler3
__set_app_type
iswgraph
__p__fmode
__setusermatherr
_ismbbkprint
vwprintf
_controlfp
exit
_wgetcwd
asctime

gdi32

GetBkColor

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ