Static task: static1
Behavioral task: behavioral1
Sample: 0c2216c090c6d6dd78e3acd1c716e79d_JaffaCakes118.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: 0c2216c090c6d6dd78e3acd1c716e79d_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
Target: 0c2216c090c6d6dd78e3acd1c716e79d_JaffaCakes118
Size: 156KB
MD5: 0c2216c090c6d6dd78e3acd1c716e79d
SHA1: cc6314bab8dd26f5d7f2faccc0cc8515f418fb63
SHA256: 55fb168b837623877c9bea172269e88aba5473ca1e159d70e1b1948202a3838f
SHA512: 03cc6bf5715db38106180804dd13b88717748d1d87a3417eb7a71d692343b2d9081b263b8024a8dd5877f688d18367a82974b68825bdd998ee435ae088f654de
SSDEEP: 3072:HcDImo57Y0K3pu9DTcnhw3bjNlGXpT22qcz3iTiQfUxBhod2oZd6GI4XnC/+w4we:89MtVJTA2NqT2PTTfUxBUZMr43m+FF
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0c2216c090c6d6dd78e3acd1c716e79d_JaffaCakes118
Files
0c2216c090c6d6dd78e3acd1c716e79d_JaffaCakes118.exe windows:4 windows x86 arch:x86
c3c293ff668a5b65e594d9dfacc92857
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED
Imports
user32
wsprintfW
TranslateMessage
GetMessageW
DispatchMessageW
SetTimer
KillTimer
GetAncestor
CharUpperW
GetDC
CharNextW
PostThreadMessageW
UnregisterClassA
kernel32
lstrcpynW
GetLastError
lstrcpyW
GlobalAlloc
CheckRemoteDebuggerPresent
WideCharToMultiByte
FindClose
MultiByteToWideChar
GetCPInfo
DeleteCriticalSection
EnumResourceTypesW
GlobalFree
GetTickCount
lstrlenW
InitializeCriticalSection
GetACP
lstrcmpiW
OutputDebugStringW
lstrcpyA
LockResource
GetModuleHandleW
winspool.drv
DocumentPropertiesW
Sections
.text Size: 105KB - Virtual size: 105KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 980B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 48KB - Virtual size: 47KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.isete Size: 1024B - Virtual size: 100KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ