0cdbe37893555fbc1234df4f9cf1d4db_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0cdbe37893555fbc1234df4f9cf1d4db_JaffaCakes118
Size

49KB
MD5

0cdbe37893555fbc1234df4f9cf1d4db
SHA1

30bbd09cbe763e2a85ba4ea8467e480aac8da7f8
SHA256

10d03d72e5ef1add733b5fd66ce78fabcda1b14db322f49cf3048431fab6b7bc
SHA512

d0a10afb9650d86bbd5b987bd6e4bed7b48b32c490fcef80a8a99efded98b0556cf3161b1ffa990537248c7b3bb64086695eeb5512e43951f15fd63979e32bb2
SSDEEP

768:bTR/BnULw6gau7DZa2eqaMkBsIAiDJ0q9tSG264adzghTCI0HtyeAI:XJGtu7AZMzirMG2BAdt/AI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0cdbe37893555fbc1234df4f9cf1d4db_JaffaCakes118

Files

0cdbe37893555fbc1234df4f9cf1d4db_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b1e8b2f7a24af8e0e777f96777a11b2e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
DuplicateHandle
EnterCriticalSection
ExitProcess
FindResourceA
FormatMessageA
GetACP
GetCommandLineA
GetCommandLineW
GetModuleHandleA
GetOEMCP
GetStartupInfoA
HeapAlloc
HeapCreate
LCMapStringA
LocalFree
MultiByteToWideChar
RtlUnwind
SetLastError
SetUnhandledExceptionFilter

msvcrt

srand
__p__fmode
__set_app_type
free
isdigit
malloc
time
strpbrk
realloc
rand
printf

user32

EndPaint
GetClientRect
GetPropA
SetUserObjectSecurity
DeferWindowPos

oleaut32

SysStringLen
OleIconToCursor
OleLoadPicturePath
OleTranslateColor
RegisterTypeLi
SafeArrayAllocData
SafeArrayCreate
SetErrorInfo
GetErrorInfo

shlwapi

PathAppendA
PathBuildRootA
PathCombineA
PathFileExistsA
PathFindOnPathA
SHEnumKeyExA
SHOpenRegStreamA

Exports

Exports

CloseWZCDbLogSession
DestroyCaretMEUED
NxCookClothMesh

Sections

.text
Size: 37KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ