0fef0ee2896299e8bae2163ec423fd8d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0fef0ee2896299e8bae2163ec423fd8d_JaffaCakes118
Size

1.3MB
MD5

0fef0ee2896299e8bae2163ec423fd8d
SHA1

3dc63c938c968ca4cd4c3a499fa69661c1d0d004
SHA256

07ad531d498019287ba2f5236aa10b490d1b767d4d3f3c2289f715e25316171a
SHA512

5486447f02b2af920dc063a397867d6d128900a70502d96654051d2d186b81f31adca0360ad2eb3c045c59ead27df50d22041ee7e559d75db8fcf55a0573955c
SSDEEP

24576:hiyNEvyhGVPrL3sdetw3qfUPnQJmaQPxSb6+dgWWy/6zsvFMcm1TzpejSwK8FEU9:pNEvgG+det0qfUPnaQPo6sYboC/ToOwd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0fef0ee2896299e8bae2163ec423fd8d_JaffaCakes118

Files

0fef0ee2896299e8bae2163ec423fd8d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0824c5aa12a47771818b8e1c987ef653

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileMappingW
FlushFileBuffers
GetTimeZoneInformation
GetSystemTimeAsFileTime
CreateEventW
ExpandEnvironmentStringsW
DisconnectNamedPipe
UnmapViewOfFile
GetTempPathW
GetUserDefaultUILanguage
GetCurrentThread
lstrcmpiA
FindClose
GlobalLock
GetSystemTime
SetThreadPriority
MultiByteToWideChar
ReleaseMutex
CreateProcessW
FindFirstFileW
SetEvent
OpenProcess
GetDriveTypeW
SetFileTime
lstrlenA
CopyFileW
lstrcatW
EnterCriticalSection
CreateMutexW
SetEndOfFile
CreateThread

user32

LoadCursorW
PeekMessageW
PeekMessageA

Sections

.arcbcj
Size: 35KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bcvun
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jkdqv
Size: 4KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ