0bfb58b315854cb435cc9043db1d8842_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0bfb58b315854cb435cc9043db1d8842_JaffaCakes118
Size

127KB
MD5

0bfb58b315854cb435cc9043db1d8842
SHA1

811ab8403c2aa20f623b4e28547125fdca9e419f
SHA256

fd9dee533794c1024b5270a451935b5b7e2ef441ead0b33d9917b1cfaf7f8f7d
SHA512

94acd2ad14f5786084a2f660430b05ec86ee1e15bc762f28eed8566a3c70eac3933d099b9f4dc7b2d85f7686c73b2fc016eef977ba275063761214b66a13f4f8
SSDEEP

3072:wwFnvBIspRkvdVQWCw0QinWPnppDBT28S0fFg3wo92loTlLM+RyOjD:TFhAd/C2inWbDBTnJfF4R9lcOj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0bfb58b315854cb435cc9043db1d8842_JaffaCakes118

Files

0bfb58b315854cb435cc9043db1d8842_JaffaCakes118
.exe windows:4 windows x86 arch:x86

130dbd876acf5d6c3afbf29faffae1ca

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
EnumResourceLanguagesW
EnumResourceTypesA
ExitProcess
GetACP
GetCommandLineA
GetDateFormatA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetSystemTimeAsFileTime
HeapAlloc
InitializeCriticalSection
LocalAlloc
RtlUnwind
SetLastError
UnmapViewOfFile

user32

ShowOwnedPopups
RegisterClassA
OemToCharA
IsCharUpperA
DestroyIcon

advapi32

RegEnumKeyA
RegCloseKey
RegQueryValueA
RegOpenKeyExA

setupapi

SetupGetInfFileListA
SetupFreeSourceListA
SetupFindNextMatchLineA

Exports

Exports

Ekte
Lnklasbiz
Nbi

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ