0df4eda2ed874a26e0184be4e47df9fa_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0df4eda2ed874a26e0184be4e47df9fa_JaffaCakes118
Size

216KB
MD5

0df4eda2ed874a26e0184be4e47df9fa
SHA1

3b54b2612195689d8b7842b8b60efda61314ebc1
SHA256

567039d8eb6e27495144ec873cba46f2bad5470d449712c20385479c5d731cf4
SHA512

30883b63c50e0a02332481c71b76e75dbd163aa593cf6926e4af0ec7c46e43568e5cf2ee5ec400ec3a7801ce10da544081f4c28ecc6078ab31644de64b353c6f
SSDEEP

3072:5waU0EqcurcQ7txk6sLE+KBzQuPYJJW20N28oSJpf3hz:5wahx+6sL5gouT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0df4eda2ed874a26e0184be4e47df9fa_JaffaCakes118

Files

0df4eda2ed874a26e0184be4e47df9fa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2e5209867c52f7c5fa7e97b57735d5fe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDesktopWindow
GetDC
CharNextA
GetSystemMetrics

kernel32

lstrcmpA
GetCurrentThread
GetCurrentProcess
lstrcmpiA
lstrcmpiW
SetLastError
GetACP
lstrlenA
GetProcessHeap
GetUserDefaultLangID
QueryPerformanceCounter
SetCurrentDirectoryA
GlobalFindAtomA
GetModuleHandleW
MulDiv
RemoveDirectoryA
GetStartupInfoA
CopyFileA
GlobalFindAtomW
LoadLibraryW
GetDriveTypeA
GetThreadLocale
GetCommandLineW
GetCurrentThreadId
GetOEMCP
GetCommandLineA
GetCurrentProcessId
Sleep
DeleteFileW
lstrlenW
DeleteFileA
GetConsoleOutputCP
VirtualAlloc
GetLastError
GetVersion
GetModuleHandleA
GetTickCount
IsDebuggerPresent

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ