0fd44122aa768fa703d569a03e13aad5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0fd44122aa768fa703d569a03e13aad5_JaffaCakes118
Size

328KB
MD5

0fd44122aa768fa703d569a03e13aad5
SHA1

83e25fb0e24a08948d9d7a684ae587d09aa681f2
SHA256

d86a0c10898a552e6373a05fe3133a472d6cecee8c63371fe6a64e2bfa40fc32
SHA512

1de9675c3f2f768ddfce275bc63c9322f4113b0ed7920a6fed93e396acd426d4274ed07a403163dc1c4f5843c517769d658b50718b01026aa9c68bc32b1b7d64
SSDEEP

6144:vje/MZa89PZtwR1v7gAQJVdT1fPWGQJ9YWIytRT7c+ObidGRrFwPK:vjgMZaD97BcdZWGQ9IytZAhbAWFwPK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0fd44122aa768fa703d569a03e13aad5_JaffaCakes118

Files

0fd44122aa768fa703d569a03e13aad5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f9d04d7b82023ed6b3f636417b505100

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadStringPtrA
GetDiskFreeSpaceExA
VirtualProtect
SetLastError
lstrlenA
GetConsoleTitleA
LoadLibraryExW
EnumResourceTypesW
GetModuleHandleA
GetStdHandle
GetCommandLineA
Heap32First
CancelIo
TlsGetValue
ResetEvent
CloseHandle
LocalFree
GetLastError
FreeConsole
IsBadReadPtr

user32

GetScrollBarInfo
GetUpdateRect
CreateWindowExA
DispatchMessageA
CopyImage
CloseWindow
CreateMenu
DialogBoxParamA
IsIconic
EnableWindow
DragDetect
GetMessageA
GetKeyState
MessageBoxA

hlink

HlinkResolveShortcut
HlinkOnNavigate
HlinkClone
HlinkCreateFromString
HlinkCreateFromData

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ