0cf0611d9f2e6d10548f158bcb570f76_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0cf0611d9f2e6d10548f158bcb570f76_JaffaCakes118
Size

330KB
MD5

0cf0611d9f2e6d10548f158bcb570f76
SHA1

88f4837796e4cc49df2039ef99af1287bd07b59f
SHA256

92fda5cecb942808329e4beb95e8ddf3f631ca5d322e453ccf6f5f5362420c63
SHA512

e3a1a0002f612332928294393cbd91663b25437c35e94715877a2b60c0632b6d5d7f0072049562ea8b2b7effebbb731e5a9d0cf95b7783b4ce1d9d65b08b7024
SSDEEP

6144:RDJKXzL5vOTiIIWPkHHScTXuXY6ZzIqQFM1TAP4ClREfJo4SKb3gxqF7q:RtKNOT5PmDIpZsqNNAP4ClREZNb3Oq8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0cf0611d9f2e6d10548f158bcb570f76_JaffaCakes118

Files

0cf0611d9f2e6d10548f158bcb570f76_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a4743fb82b846523af77d06ecfe0fb03

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForMultipleObjects
HeapReAlloc
GetConsoleCP
lstrlenA
SetConsoleCP
GetAtomNameA
LoadLibraryExA
CompareFileTime
GlobalUnlock
GetTickCount
GetCommandLineA
HeapCreate
SuspendThread
WaitForSingleObject
GetStdHandle
GetVersion
InterlockedExchange
VirtualProtect
GetSystemDefaultLangID
GetModuleHandleA
CloseHandle

user32

FillRect
InsertMenuA
EnableScrollBar
GetKeyState
GetKeyboardLayout
CreateIcon
GetDlgItem
InvertRect
CopyImage
GetCursorInfo
DispatchMessageA
DestroyMenu
SetPropA
IsDialogMessage
DrawCaption
CreateMenu
DialogBoxParamA
SetWindowPos
SetScrollInfo
DragObject
FindWindowA

advapi32

RegCreateKeyExA
RegQueryInfoKeyA
RegCloseKey
RegEnumKeyA
RegEnumValueA

apphelp

ApphelpCheckExe

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 744KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ