0ed2aa9971ce464579a63c216e2f8bfc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0ed2aa9971ce464579a63c216e2f8bfc_JaffaCakes118
Size

320KB
MD5

0ed2aa9971ce464579a63c216e2f8bfc
SHA1

0d27b73d08650b4d895ea9656cc68ceb55f6b5a9
SHA256

2332ae51cf462165eb8b62531e66323c6d817cf7961485d3a7adbbe3f012ffbb
SHA512

eb8bb1ee20f9ad3926f3699428840526570e2818b4a7e4fd78370169034a10f2bc33dd6d78d5c5e016d8111cd454876a104e1f59fd33523caedc163ed2893ac6
SSDEEP

6144:W/nrlPw2/8XlNpL/oee4h1u0yCEeHsSZTsr:W/r+1Iew09zfhs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ed2aa9971ce464579a63c216e2f8bfc_JaffaCakes118

Files

0ed2aa9971ce464579a63c216e2f8bfc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1d27d929a405ba49627720e1042bf9b7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetTimer
SendMessageA
PostQuitMessage
MessageBoxA
KillTimer
GetDoubleClickTime
GetDlgItem
EndDialog
DialogBoxIndirectParamA

kernel32

LoadResource
GetProcAddress
lstrcpyA
lstrcatA
WriteFile
Sleep
SizeofResource
MultiByteToWideChar
CloseHandle
CreateFileA
ExitProcess
FindResourceA
FreeResource
GetModuleHandleA
LoadLibraryA
GlobalAlloc
GlobalFree
LockResource

comctl32

InitCommonControls

shlwapi

StrStrA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 866B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 301KB - Virtual size: 301KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE