Static task: static1
Behavioral task: behavioral1
Sample: 0e2bc3da70112bdd26be91c429f4588b_JaffaCakes118.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 0e2bc3da70112bdd26be91c429f4588b_JaffaCakes118.exe
Resource: win10v2004-20240611-en
General
Target: 0e2bc3da70112bdd26be91c429f4588b_JaffaCakes118
Size: 152KB
MD5: 0e2bc3da70112bdd26be91c429f4588b
SHA1: 81c2a9523467738877a2e1d3d17f8a70b03c7ffc
SHA256: d3fcce333f65c3dc1482df0f87bd2aff0de7065a81215d2c7568a9bd1bdbe9ec
SHA512: 7d29d3a154a08eb075b116babd1904421dabe79769155627f836f967aaa85722045ecbc4fe707a6f90f7d3bf20112edb114c292c21c2e2b73055c2962062a3c7
SSDEEP: 3072:++1y39o+H+5eVqz+UYqy2SDMS9KP5akntX:uXeeqkE5jn
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0e2bc3da70112bdd26be91c429f4588b_JaffaCakes118
Files
0e2bc3da70112bdd26be91c429f4588b_JaffaCakes118.exe windows:4 windows x86 arch:x86
a6dea9b4d8307c73cd9b3a7d2bfdec7e
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetTickCount
DuplicateHandle
GetSystemTimeAsFileTime
GetFileSize
CreateFileA
VirtualFree
GetProcAddress
GetModuleHandleA
AddAtomA
VirtualAlloc
QueueUserAPC
GetCurrentThread
ExitThread
CloseHandle
CreateEventA
user32
DestroyWindow
PostMessageA
PostQuitMessage
EndPaint
BeginPaint
DefWindowProcA
DispatchMessageA
TranslateMessage
PeekMessageA
MsgWaitForMultipleObjectsEx
CreateWindowExA
RegisterClassA
LoadCursorA
LoadIconA
Sections
.text Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 824B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 132KB - Virtual size: 130KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ