Static task
static1
Behavioral task
behavioral1
Sample
0ceeb08172eb00d69b7db71b77506d7e_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
0ceeb08172eb00d69b7db71b77506d7e_JaffaCakes118.exe
Resource
win10v2004-20240226-en
General
Target
0ceeb08172eb00d69b7db71b77506d7e_JaffaCakes118
Size
86KB
MD5
0ceeb08172eb00d69b7db71b77506d7e
SHA1
9804a859627b6d286d62f870b0952a6a2be97987
SHA256
a6d09d1ad2ca2eb619cabd7441468957a53dbe90c71993be7c62cb67ca238a60
SHA512
8222c902cc6c5acce859b59272df8ff5564006766b9a4a926f5fca592a0b14645efd9c000366e31d0d95e0f88953e93c55629029b63becfa27f07e0a55a857d0
SSDEEP
1536:N+Fp6wHjdqnLuSUEOwTFz4dl7edonT1KMgF64CAisvyGmpkJlXTXnD9nCEnM8:gxwzUEOwTFYKoBKMG64CAiSJvJRXnD9P
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 0ceeb08172eb00d69b7db71b77506d7e_JaffaCakes118
Files
0ceeb08172eb00d69b7db71b77506d7e_JaffaCakes118.exe windows:5 windows x86 arch:x86
7140f8bdad312c2aa3335ddf3835699a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetTempPathA
GetLastError
GetTickCount
lstrcpyA
lstrlenA
FindAtomA
GetLocalTime
CloseHandle
WriteFile
CreateFileA
lstrcatA
lstrcpynA
GetVersion
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
GetSystemTime
LoadLibraryA
CreateMutexA
OpenMutexA
ExitProcess
lstrcmpA
RtlUnwind
VirtualQuery
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
user32
wsprintfA
GetCursorPos
GetFocus
InflateRect
GetCaretPos
IsWindowVisible
ClientToScreen
GetWindowRect
EqualRect
shlwapi
SHGetValueA
Sections
.text Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 63KB - Virtual size: 64KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE