0dfba1ec1633767920fa8cc3d2c26cc9_JaffaCakes118 | Triage

Sharing

General

Target

0dfba1ec1633767920fa8cc3d2c26cc9_JaffaCakes118
Size

3.5MB
MD5

0dfba1ec1633767920fa8cc3d2c26cc9
SHA1

2df8008e18d04e20b37b9606d3acd3069af7eeed
SHA256

d39e8b7900a7f7831aace7b663e774ccd5b870498f768ebb52b1be8a28fdaad9
SHA512

99b831cf4fc2f62f4e559374c3d22773419fd2d9a2d0850c8e37cdf630b35ccf3a60aa91bfe64367a728489dfddd4614c8eeead88ee065d3492019b6498d7280
SSDEEP

49152:+nO8gyjAyQ/jFMbg4+E2BA2a2EcUcjlZHq9bVSFFfWp1M3JJnbWfJLBnf3oGhLHJ:2LqOHeAPpcjlZK9E8M3fbmJLBnfnMOXL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0dfba1ec1633767920fa8cc3d2c26cc9_JaffaCakes118

Files

0dfba1ec1633767920fa8cc3d2c26cc9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

363d35535eca8b2e57b07ad1f7624def

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
GetKeyboardType
CreateWindowExA
DdeCmpStringHandles
ExitWindowsEx

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
DeleteCriticalSection
TlsSetValue
lstrcpyA
Sleep

advapi32

RegQueryValueExA
RegSetValueExA

oleaut32

SysFreeString
SafeArrayPtrOfIndex
GetErrorInfo

mpr

WNetGetConnectionA

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

CreateStreamOnHGlobal

comctl32

ImageList_SetIconSize

Sections

.text
Size: 45KB - Virtual size: 15.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE