0d0da7d1914b4978dcfb8a9bf2dbcedf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0d0da7d1914b4978dcfb8a9bf2dbcedf_JaffaCakes118
Size

167KB
MD5

0d0da7d1914b4978dcfb8a9bf2dbcedf
SHA1

3bf03b4eb7ade306d35b22ce1dc389bc6efa1de3
SHA256

ba5abf867780ad030b4703f0a454266839acc08f9d4d1b9f767f732f5b6ed30d
SHA512

7a569ebad8c4c65c35a8f715a39d355016540a883cab41269cb663d738a4def1daa8758be21faa6fdcacd8afa2890e6f5a7440dff808598bfa3cba1d4b8baecd
SSDEEP

3072:PkQlrF7pMA8a99m9vEAPzejrLltj3ZE2+W70NnhgrY+yraRhD9E/ArAKqGS27dvl:MQBF7p78a99xMqjrL/3ZE1nJ+3RaKq4P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d0da7d1914b4978dcfb8a9bf2dbcedf_JaffaCakes118

Files

0d0da7d1914b4978dcfb8a9bf2dbcedf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

783b8f55887f639c8552ca23f9264e5f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

AlphaBlend
TransparentBlt

gdi32

GetTextMetricsA
GetDeviceCaps
GetTextExtentPointA
DeleteObject
SelectObject
CreateFontIndirectA

ole32

CoGetMalloc
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
StringFromGUID2
CoTaskMemRealloc

kernel32

WriteFile
GetVersionExA
InitializeCriticalSection
GetCPInfo
GetCPInfoExW
GetStartupInfoA
GetEnvironmentStringsW
WideCharToMultiByte
SetHandleCount
TlsSetValue
DeleteCriticalSection
GetEnvironmentStrings
GetACP
UnhandledExceptionFilter
GetFileType
RaiseException
EnumResourceTypesA
FreeEnvironmentStringsA
GetTickCount
FreeEnvironmentStringsW
GetOEMCP
InterlockedIncrement
InterlockedExchange
lstrlenW
GetLocaleInfoA
EnterCriticalSection
GetCommandLineW
GetStdHandle
GetThreadLocale
MultiByteToWideChar
QueryPerformanceCounter
TlsGetValue
HeapSize
GetLastError
LeaveCriticalSection
GetCurrentProcessId

Sections

.text
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ