0ece9bdd76bd080c3802badff0f2a7d0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0ece9bdd76bd080c3802badff0f2a7d0_JaffaCakes118
Size

352KB
MD5

0ece9bdd76bd080c3802badff0f2a7d0
SHA1

28da4093da47ee2ac32d3764d8f44f4278fa756e
SHA256

78b4f649b966b5963484064703c58b62efe9441c6857e0f15d68178b97e1590a
SHA512

7afd0446c5ff0393035c1809e722a0b8022033233d1f74687e8d58c431c86004d19e44068fb34cf9e9a46c648e2ad0e73da99e1f5f1c9d70288d0729e592a6bd
SSDEEP

6144:NtHqWASxQ0rShyGlReFjbjfhyqQMRYNYoDvohAi3lFejOM:KWDQcShyGloFjbTA1KmNo/VFW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ece9bdd76bd080c3802badff0f2a7d0_JaffaCakes118

Files

0ece9bdd76bd080c3802badff0f2a7d0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e919d3dfc0a68a463ddd4de805e123d8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
OpenMutexA
FindClose
ResumeThread
FreeEnvironmentStringsA
GetStdHandle
CloseHandle
FreeConsole
IsBadReadPtr
GetSystemTime
CreateEventA
GlobalUnlock
LoadLibraryExA
VirtualProtectEx
GetModuleHandleA
OpenSemaphoreA
LocalFree
GlobalLock
GetLastError
lstrlenA

user32

CreateWindowExA
IsMenu
GetMessageA
DialogBoxParamA
ClipCursor
EndDialog
IsIconic
GetSubMenu
LoadCursorA
SetFocus
GetComboBoxInfo
GetDlgItemTextA
GetMessageA
MessageBoxA

msasn1

ASN1BEREncOpenType
ASN1BEREncNull
ASN1BERDecBool
ASN1BERDecCheck
ASN1DecAlloc

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ