Static task: static1
Behavioral task: behavioral1
Sample: 0baeb03cb29c443d7aad968e1d072fa8_JaffaCakes118.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 0baeb03cb29c443d7aad968e1d072fa8_JaffaCakes118.exe
Resource: win10v2004-20240611-en
General
Target: 0baeb03cb29c443d7aad968e1d072fa8_JaffaCakes118
Size: 61KB
MD5: 0baeb03cb29c443d7aad968e1d072fa8
SHA1: 225f1403394066652db6685f906a763cbab8224e
SHA256: e2d4ae4b0b987c17b76f06cb672ec406be045aa91d5f00f02f1b1931b5c7a67d
SHA512: 9e62a51ee69a2f6dc928df2bdf512ba02aa22db2428f5a06d30595798aace446b6ec521c390cd060eef8359908335118c2d66beed48ffa4a845721633b513be7
SSDEEP: 1536:gEl8UUc29/hnDtHIH+etJn2whmC+P7CEA+kpqHiUW:NUcc5DBTenn2wcpP7tA+gqCUW
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0baeb03cb29c443d7aad968e1d072fa8_JaffaCakes118
Files
0baeb03cb29c443d7aad968e1d072fa8_JaffaCakes118.exe windows:5 windows x86 arch:x86
eada64d81cf6e32cd496aa64e72ad5b2
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FindAtomA
lstrlenA
GetTickCount
lstrcpyA
GetLocalTime
GetVersion
GetTempPathA
CloseHandle
WriteFile
CreateFileA
GetLastError
lstrcatA
lstrcpynA
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
GetSystemTime
LoadLibraryA
GetTempFileNameA
CreateMutexA
OpenMutexA
ExitProcess
lstrcmpA
GetCommandLineA
RtlUnwind
VirtualQuery
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
user32
InflateRect
ClientToScreen
GetFocus
wsprintfA
GetCursorPos
IsWindowVisible
GetCaretPos
GetWindowRect
EqualRect
shlwapi
SHGetValueA
Sections
.text Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 39KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE