0dd09149209f11bee03f5762afc30f80_JaffaCakes118 | Triage

Sharing

General

Target

0dd09149209f11bee03f5762afc30f80_JaffaCakes118
Size

3.7MB
MD5

0dd09149209f11bee03f5762afc30f80
SHA1

25dc1a97a861e59c2246d7a2edfc1f5c4af1364a
SHA256

2caf2da8245c9295d1da1d1d16bcecee7a7cedd656a5d06283634c90a78f42df
SHA512

b803fdf670ef83ce854fecb1846710069ad79e67235aa60136822a653b066d6aead23f795dd21f7ae8371cac5ec68f5e57da1418cd74e91e8b325419c2ecdbe6
SSDEEP

98304:3MN00MBQQd+py/01zQXyZuLVC3dr33UovvU9BXzqd7VP0K0:O00WQm/3BLUBkYU9dzqlKK0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0dd09149209f11bee03f5762afc30f80_JaffaCakes118

Files

0dd09149209f11bee03f5762afc30f80_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8d5d7f9ec575d185aa1a8c9780d3ecda

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFileTimeToFileTime
GetCommConfig
GetFullPathNameA
lstrcatW
SizeofResource
SetConsoleWindowInfo
WriteProcessMemory
SetStdHandle
OutputDebugStringA
RaiseException
GlobalFindAtomA
GetThreadContext
GlobalFlags
FindFirstFileA
DosDateTimeToFileTime
SwitchToFiber
GetVersion
lstrcmpiA
CreateMutexW
LoadLibraryExA
WriteConsoleOutputCharacterA
GlobalDeleteAtom
EnumCalendarInfoA
GetShortPathNameW
LCMapStringA
ExitProcess

user32

RegisterWindowMessageA
IsDlgButtonChecked
GetScrollRange
GetMenuInfo
SetPropA

oleaut32

SafeArrayPutElement
LoadTypeLibEx
SysAllocStringLen

gdi32

Chord
GetTextAlign
PolylineTo
TextOutW

comdlg32

GetFileTitleW
GetSaveFileNameA

msvcrt

_strtime
_wcsnicmp
_errno
_chsize
wcstoul
_wsplitpath
_wspawnv

Sections

.text
Size: 2KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ