0dd3b2bec0dedd60dc9600fa2dbf891c_JaffaCakes118 | Triage

Sharing

General

Target

0dd3b2bec0dedd60dc9600fa2dbf891c_JaffaCakes118
Size

13KB
MD5

0dd3b2bec0dedd60dc9600fa2dbf891c
SHA1

cb9a5003df7230e8414cab995a831afa234d72a2
SHA256

a91dcf1ef364cfb8864ae894ba4c53d163e27578c4e41a95269491fd42132435
SHA512

436f763defa47321f673c2631e21229f1f3f606d257e8f212a294ba4a889227541385f616cdaff4e6379c9d9a31185aba545fca02a2658898e6df82b2968d942
SSDEEP

384:aPquMON9VcExrwtJP3eDz/psJeAeUuE5W/NW:oqoFZCeAeUS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0dd3b2bec0dedd60dc9600fa2dbf891c_JaffaCakes118

Files

0dd3b2bec0dedd60dc9600fa2dbf891c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d734fdf8fa76b7f1feb5ab8e101a3f40

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTimeFormatA
SetErrorMode
FindClose
LoadResource
LoadLibraryA
SetProcessWorkingSetSize
GetCommandLineA
lstrcpynA
GetModuleFileNameA
EnumSystemLocalesA
GetFileTime
IsDebuggerPresent
TerminateThread
SetHandleCount
GetStdHandle
DeleteFileA
GetStringTypeA
HeapCreate
GetNumberFormatA
GetSystemInfo
SetFilePointer
FileTimeToLocalFileTime
DeviceIoControl
CreateProcessA
QueryPerformanceCounter
InterlockedDecrement
FreeEnvironmentStringsW
CompareStringA
LocalAlloc
GetLastError
GetPriorityClass

msvcrt

_strtime
_onexit
memset
fclose
wcsstr
strncpy

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ