0e4273c19b2c92c47f952a731c1700e3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0e4273c19b2c92c47f952a731c1700e3_JaffaCakes118
Size

479KB
MD5

0e4273c19b2c92c47f952a731c1700e3
SHA1

64e471278d923b263621f9b036a836125bdf2810
SHA256

973216f2112f37fc2b9f8403ebe5d2106d2324a998f79ec7a78bf95ef6eaba4d
SHA512

00b2a35db912e338f278f66031f3c3553dc891d6447286f5c6b70a31e2993c39b064c7b7abca234524b22a221d8cb57357732c6f3501d1ffecfeb6a1b70aa99a
SSDEEP

12288:vlJ2a+qhH5htPxb0sHqEJBTXOk5jCxHc4RE:T2a+qhZhQjmBTXDj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e4273c19b2c92c47f952a731c1700e3_JaffaCakes118

Files

0e4273c19b2c92c47f952a731c1700e3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c56db3a7a760497acadeb433425431b6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetModuleFileNameA
ExitProcess
GetLocalTime
SetFileAttributesA
CopyFileA
Sleep
GetCurrentThreadId
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
GetModuleHandleA
GetTickCount
GetProcAddress
RtlUnwind
GetStartupInfoA
GetCommandLineA
GetVersion
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
GetStringTypeW

user32

PostThreadMessageA
GetMessageA
GetInputState

advapi32

RegQueryValueExA
RegOpenKeyA

Sections

.text
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 252KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ