0bd2a58f3e601a72fd4f4f3423c37d73_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0bd2a58f3e601a72fd4f4f3423c37d73_JaffaCakes118
Size

166KB
MD5

0bd2a58f3e601a72fd4f4f3423c37d73
SHA1

e92c4a6e3138050df4b71fdd6dc4578c4f071f3f
SHA256

c07f8668352cce19c965c5f17daee6586f425f8be497cfc24a8a12cd05cddcda
SHA512

e8eed430ae0b7a3c7ca0f34471b0823b94790bc06161849005d7fd044fcbba64aace901eabb8eed25923178652f7603ea24e6326b2f183971a39ad16458d2473
SSDEEP

3072:ywSoZxH25zv+UyzqDFw1xn54q5cQqlxiwxVfjuDiacrTOdx:IoZxW4zOFwbncQqPXxVfHzTOz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0bd2a58f3e601a72fd4f4f3423c37d73_JaffaCakes118

Files

0bd2a58f3e601a72fd4f4f3423c37d73_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3d9fbeaa2101a3099aa1df8a9d9645a8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

ReadProcessMemory
GetSystemTimeAsFileTime
VirtualProtect
ReadProcessMemory
LoadLibraryExW
WaitForSingleObject
LoadLibraryA
ReleaseMutex
ReleaseMutex
LoadLibraryExA
GetProcAddress
LoadLibraryA
VirtualProtect
GetCurrentThread
SetThreadContext
SetConsoleCP
SetConsoleCP
GetLastError
GetSystemTime
WriteProcessMemory
LoadLibraryExW
LoadLibraryExA
CreateFileA
ReleaseMutex
VirtualProtectEx
CreateProcessW
SleepEx
ReleaseMutex

winmm

waveOutOpen
waveOutOpen
waveOutOpen
waveOutOpen
waveOutOpen
waveOutOpen
timeGetTime
waveOutOpen
waveOutOpen
timeGetTime
waveOutReset
PlaySoundW
waveOutOpen
waveOutOpen
DriverCallback
DriverCallback
PlaySoundW
waveOutOpen
waveOutOpen
waveOutOpen

Sections

.text
Size: 152KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.BitDef
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ