0df10e1ac007f695797ff4fdcb5fbdfc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0df10e1ac007f695797ff4fdcb5fbdfc_JaffaCakes118
Size

341KB
MD5

0df10e1ac007f695797ff4fdcb5fbdfc
SHA1

09abaae4ac40c4f9d4329bdba00209aea918775f
SHA256

27ebc81335529e33cf8e3203661110362e8234e2b025e26a0cc861fb59bab4ed
SHA512

991d057789611d67159f0677967b760c015cc2bd853141d3f29b4f2bad3f4464b73619a6150afcf586f5cdb1666abeab6fcce57e8d77c691392bf1211e0fdb1b
SSDEEP

6144:fmb7Spg1M7PyaQB74fo4UDblEzNENyRDUVpbCmV7PEFM:fkuWCP/kMWDblsNjDmJIM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0df10e1ac007f695797ff4fdcb5fbdfc_JaffaCakes118

Files

0df10e1ac007f695797ff4fdcb5fbdfc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7afe20fe67a080e9a03ea90c75b43e4e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CancelIo
IsBadReadPtr
CreateMutexA
LoadLibraryExW
VirtualProtectEx
CreateEventA
GetModuleHandleA
lstrlenA
CloseHandle
EnumResourceTypesW
IsDebuggerPresent
GetStdHandle
GetConsoleTitleA
FindClose
GlobalLock
GetSystemTime
GetLastError
FreeConsole
LocalFree
GlobalUnlock

user32

IsMenu
DialogBoxParamA
GetKeyState
EnumWindows
CreateWindowExA
GetSubMenu
EndDialog
GetParent
LoadCursorA
IsIconic
GetDlgItemTextA
GetMessageA
GetMessageA
MessageBoxA

clbcatq

CheckMemoryGates
GetCatalogObject
SetSetupOpen
ComPlusMigrate
GetComputerObject

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ