0fe97b2c9b58e2d2366df2e8941b45fb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0fe97b2c9b58e2d2366df2e8941b45fb_JaffaCakes118
Size

636KB
MD5

0fe97b2c9b58e2d2366df2e8941b45fb
SHA1

1b13551d34a54ec72a5ed13a557b8018ad9d9ad8
SHA256

1071c374a39a4768b9197a29936a3cde189c9903f0e121bf3d768940bd944361
SHA512

1fe8b975ad97433611cf19167f360cf30be81d4979ee472b1eeeb7410b2be46fd8d7a02fb6b288e37749eb3187f2a893ab716006e26e26f9d6cd2a2329a2ee91
SSDEEP

12288:B5AeFV4TULyn6WjrUpDLeswTzKuQ0Snf2ulV65CVJqP5:Br4T6ArU5Lo6Ou+uJqx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0fe97b2c9b58e2d2366df2e8941b45fb_JaffaCakes118

Files

0fe97b2c9b58e2d2366df2e8941b45fb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e52d51fd1119e49eeb788a35d3a8a2d0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
WaitForMultipleObjects
WaitForSingleObject
HeapReAlloc
InterlockedExchange
GetModuleHandleA
SetConsoleCP
GlobalUnlock
lstrlenA
SuspendThread
HeapCreate
LoadLibraryExA
GetVersion
GetConsoleCP
VirtualProtect
CompareFileTime
GetStdHandle
GetSystemDefaultLangID
GetTickCount
CloseHandle
GetAtomNameA

user32

DialogBoxParamA
InsertMenuA
CreateIcon
GetCursorInfo
DispatchMessageA
DestroyMenu
GetKeyState
DragDetect
FindWindowA
SetPropA
InvertRect
SetScrollInfo
DrawCaption
CreateMenu
SetWindowPos
IsDialogMessage
GetKeyboardLayout
DragObject
GetDlgItem
FillRect

winmm

auxSetVolume
OpenDriver
PlaySoundA
CloseDriver
auxGetVolume

version

VerQueryValueA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ