Static task
static1
Behavioral task
behavioral1
Sample
0d660a59dd7c20fc7d4a908766311556_JaffaCakes118.exe
Resource
win7-20240611-en
General
-
Target
0d660a59dd7c20fc7d4a908766311556_JaffaCakes118
-
Size
120KB
-
MD5
0d660a59dd7c20fc7d4a908766311556
-
SHA1
1f5f80de4ecdc719b0e469416de8c1fa8fc1befd
-
SHA256
a54c6e6c90593a887719870b2909d24502bb951361d2ee974ff506332b7ebfa4
-
SHA512
c53a64a9456f94609ca797862fc52b312db60aa951fe2f2448ce33297fab7a684eb8d937eb1baeaa80c182f3a4eb83acabb2ddf2fbca685c22c4176fa2275c42
-
SSDEEP
3072:BopG10bovScwPYOhnhvjV7Ov5tFjhjvgg1:BoC7vmPjrV785tFFjIq
Malware Config
Signatures
-
Unsigned PE 1 IoCs
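Flags PE files that carry no Authenticode signature; the resource listed below is unsigned. A missing signature is a weak indicator on its own, since many benign executables are also unsigned, so weigh it together with the header and section characteristics.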
resource 0d660a59dd7c20fc7d4a908766311556_JaffaCakes118
Files
-
0d660a59dd7c20fc7d4a908766311556_JaffaCakes118.exe windows:4 windows x86 arch:x86
c0273479bba3e0df73893542234723a3
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetStartupInfoA
GetModuleHandleA
LoadLibraryA
user32
EmptyClipboard
IsWindowVisible
ReleaseDC
GetWindowRect
DefWindowProcA
SetWindowPos
gdi32
BitBlt
CreateDCA
oleaut32
SysAllocString
msvcrt
_initterm
_controlfp
_except_handler3
__set_app_type
strcmp
_exit
__p__fmode
exit
_acmdln
__getmainargs
_XcptFilter
__setusermatherr
_adjust_fdiv
__p__commode
Sections
.text Size: 44KB - Virtual size: 43KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 4KB - Virtual size: 816B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 64KB - Virtual size: 92KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
fkiefgg Size: - Virtual size: 4KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE