0dcb98c0089239b73c96fc7064cbae0a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0dcb98c0089239b73c96fc7064cbae0a_JaffaCakes118
Size

125KB
MD5

0dcb98c0089239b73c96fc7064cbae0a
SHA1

dfbaf00b6698bf8ad7a8b98222d15885e5539fa4
SHA256

a25706016c90dd8c9d45947f3b3b46feae564b46d8ea36e307922167dd18d0cf
SHA512

8aa974a8cbcc421986807d4e79eec91e76c76faba545402daebb6f5b96a5c59cdad7a3bc0cff1e57ac6996cda049c22609d04d9b2c04ba92d54e4e53f76b67ab
SSDEEP

3072:V9uHjVFB2hqHphdV858tyHgeOygsWyuvzw:OF2IHphdqWYAx/y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0dcb98c0089239b73c96fc7064cbae0a_JaffaCakes118

Files

0dcb98c0089239b73c96fc7064cbae0a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bd0009acece81ae4a82d8d3d5db4311f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

IsDlgButtonChecked
PtInRect
GetCapture
PostQuitMessage
PeekMessageW
GetMenu
PostMessageA
GetTopWindow
GetDC
IsWindowEnabled
PeekMessageA

gdi32

CreateCompatibleDC
SaveDC
LineTo
CreatePalette
BitBlt
CreateDIBSection
CreatePenIndirect
CreateBrushIndirect

kernel32

LoadLibraryA
GetCommandLineA
ExitProcess
SetEvent
SetFilePointer
GetCommandLineW
VirtualAllocEx

Exports

Exports

_LfeVq_FzE@20
OU5LHXvtPe@4
102hlg0O

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 105KB - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ