0d922fa8e85632ffbf1eb5678ef1368d_JaffaCakes118 | Triage

Sharing

General

Target

0d922fa8e85632ffbf1eb5678ef1368d_JaffaCakes118
Size

365KB
MD5

0d922fa8e85632ffbf1eb5678ef1368d
SHA1

70977266ece624b2db4d7bc7fa775c5cff868f5f
SHA256

3c70e20fb2b8a419c97e66d73ee4e3369b6bfd9e5681abf23dfe77e159b141d6
SHA512

bdc26387683ec375d33b8e99cedd1e209ca22282b9a2df821d6888e95154765c039209a4c4971a30b54523fc1a36d9f53b2d48a5087173ff160fad3b7bdec46f
SSDEEP

6144:yXZKNRMSa4hib4j8jf51Qx7O6bcLehsEwkoK/6ERdFQJdlMu6lb/01apjbV6m8lL:+0RMdx4ojf51aTcK0NEQUd0op3QlL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d922fa8e85632ffbf1eb5678ef1368d_JaffaCakes118

Files

0d922fa8e85632ffbf1eb5678ef1368d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cfe98c508cdae5b21c6d1d603fe20f3e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResumeThread
GetModuleHandleA
EnumCalendarInfoW
GetCurrentProcessId
GlobalFree
FindClose
GetFileAttributesA
GetConsoleAliasW
GetPrivateProfileStringW
SetLastError
FindAtomW
GetDriveTypeW
EnterCriticalSection
GetModuleFileNameA
LocalFree
CreateMailslotA
SetEvent
ReadFile
HeapCreate
GetCurrentThreadId

user32

DispatchMessageA
SetFocus
GetKeyState
GetSysColor
GetClassInfoA
DispatchMessageA
CallWindowProcW
GetMenuInfo
IsWindow
GetCursorInfo
DrawTextW
GetKeyboardType
GetClientRect

asycfilt

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

msasn1

ASN1BERDecBool

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 496KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 355KB - Virtual size: 354KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ