0abce92c36d7aaafb8865b5841661d16_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0abce92c36d7aaafb8865b5841661d16_JaffaCakes118
Size

417KB
MD5

0abce92c36d7aaafb8865b5841661d16
SHA1

cfa9d3d5eeaf6c5c19116726d14964ad2352185c
SHA256

f2a2faff3ae4f8dbc5035ba40e4e615a74a05756121e2e8a5b13f6bf8d9bc995
SHA512

78ecc018376556b055202dd953325343c7632d508f6ef5b13dea8bcae0ebdb9310c5d3ce7025a4333179851df4963f229e02d9e80e98366747f72c764a16e8ff
SSDEEP

12288:x57qSYh+Tu1lxHxCgpcAnirLS9Mm5T2a9:n7jYhcExN0i9Msb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0abce92c36d7aaafb8865b5841661d16_JaffaCakes118

Files

0abce92c36d7aaafb8865b5841661d16_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5f2df7257758bf2707e2911007001ebd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResetEvent
CreateThread
LoadLibraryA
FindResourceA
GetModuleHandleA
LocalAlloc
LocalFree
GetCommandLineW
GlobalAlloc
GlobalFree
SetEvent
CreateProcessA
ExitProcess
GetTickCount

user32

GetClientRect
GetWindowRect
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
ShowWindow
UpdateWindow
CreateWindowExA
LoadBitmapA
SendMessageA
DestroyWindow

Sections

.TEXT
Size: 7KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.
Size: 355KB - Virtual size: 628KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RSRC
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ