0c885a64c2957525619d4a5f72dd1304_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0c885a64c2957525619d4a5f72dd1304_JaffaCakes118
Size

427KB
MD5

0c885a64c2957525619d4a5f72dd1304
SHA1

eb7328457df1c21e77263c6e986d4cc79f46338f
SHA256

eec542f1737840c9052e59de3ce21b94616c7f4b637903f21fdb36fb9ef17517
SHA512

f3acc688a29f49d8c1ebac45425ed6415e8f53fcbd8d5bf0a29281426817a0f0284fc3fb20fc6be3b7622ce3b1a014bba4da6e8b42662218ce4e499c260ba2ad
SSDEEP

6144:1cwuO3NYDsNAdnQWMAN6l5yjiqXRZtWpfvxs5kiha0Al3EsRy2LaQt:1c7O3N50BMukyHgG51A5WQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c885a64c2957525619d4a5f72dd1304_JaffaCakes118

Files

0c885a64c2957525619d4a5f72dd1304_JaffaCakes118
.exe windows:4 windows x86 arch:x86

64cf424c3cc3e8c0520cee03e78f351d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
LoadLibraryExA
GetLocaleInfoA
GetDriveTypeA
GlobalAddAtomA
SetConsoleCP
SetErrorMode
GlobalFree
GlobalDeleteAtom
RaiseException
LockResource
VirtualProtect
GlobalUnlock
EnterCriticalSection
CloseHandle
HeapCreate
Sleep
GetACP
FoldStringA
InterlockedExchange
GetLastError

user32

GetParent
GetActiveWindow
ClipCursor
GetWindowTextA
EndPaint
ShowWindow
ReleaseDC
GetCursorPos
BeginPaint
CharToOemBuffA
ValidateRect
GetWindow
GetMenuItemInfoA
SetForegroundWindow
GetFocus
GetClassNameA
DrawEdge
IsIconic
DrawTextA

version

VerFindFileA
GetFileVersionInfoA
VerInstallFileA
VerQueryValueA
GetFileVersionInfoSizeA

rasadhlp

WSAttemptAutodialName

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 704KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ