0ddf9b9a65025122e9c0f37bae46ede2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0ddf9b9a65025122e9c0f37bae46ede2_JaffaCakes118
Size

151KB
MD5

0ddf9b9a65025122e9c0f37bae46ede2
SHA1

6adc03ee00039a7edf591b8b8762047392acc7d8
SHA256

ebd673a651b11b02fda7b6742d020f57f72fba6e633271fc4c8ebdc176be4cbc
SHA512

3fe5d1cbf1329259de805a6a088b97d139fd8859ba2a8503221a0cf20edcbc8de538942fad7c138865d9233182292fb8f1d15b895c79bb1bbc3dbfccbf147a88
SSDEEP

3072:yw87XQfPBFkkJtzKEVfdOVPnoHBSnBCSqY/FHNC1kC4uUX+ItSoj4:DfPBFkkJtzxdOeHBSsSqGFHNCOOhyZ4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ddf9b9a65025122e9c0f37bae46ede2_JaffaCakes118

Files

0ddf9b9a65025122e9c0f37bae46ede2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7bb8eda7199ceec18600efaa46abb97d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GlobalUnlock
CompareFileTime
GetTickCount
WaitForMultipleObjects
lstrlenA
HeapReAlloc
GetConsoleCP
GetStdHandle
HeapCreate
LoadLibraryExA
GetSystemDefaultLangID
CloseHandle
InterlockedExchange
GetVersion
VirtualProtect
GetProfileIntA
AddAtomA
GetCommandLineA
WaitForSingleObject
SuspendThread

user32

CreateCaret
GetKeyState
PaintDesktop
DestroyMenu
EqualRect
CreateCursor
MessageBoxA
GetWindowTextA
GetKeyboardLayout
SubtractRect
PostMessageA
GetMenuStringA
ModifyMenuA
SetWindowPos
SetPropA
DialogBoxParamA
UpdateWindow
DispatchMessageA
ShowWindow
FindWindowA
InsertMenuA
TranslateMessage
CopyRect
GetDlgItem
EnableScrollBar

atl

AtlAdvise
AtlSetErrorInfo
AtlModuleInit
AtlUnadvise
AtlGetVersion

dnsapi

DnsStatusString

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 780KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ