0ee01f23ae1aedbfb8d6d04234b74048_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0ee01f23ae1aedbfb8d6d04234b74048_JaffaCakes118
Size

299KB
MD5

0ee01f23ae1aedbfb8d6d04234b74048
SHA1

44cb971cf04d7e115bfb98b220e9580f630fd660
SHA256

174fd48dffee39e2b7d46aa99f05fd79b6f627812f2d61ca41421f91d0f44b95
SHA512

ab4eeb17e03ea192792c7e8412b5f4f5aa7a408d36b2a85da9449126a7841aac766c8017773779ce525b5058378dd940350e12e1d3972c334bd124ec87e3a229
SSDEEP

6144:9a8Wt8gn1kWHSSi5JLlapqSQgdeav1WrjsTOf41B6EOZ8mSvHVK0SX:9aBtX1KSi5JLQ5LUalTO+sEOZ8mw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ee01f23ae1aedbfb8d6d04234b74048_JaffaCakes118

Files

0ee01f23ae1aedbfb8d6d04234b74048_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3c83076f3b25d08221535ba085f983c0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
lstrlenA
CreateThread
Sleep
SetLastError
CloseHandle
SetEvent
UnmapViewOfFile
CreateFileA
LocalUnlock
HeapCreate
LoadLibraryA
GetCurrentDirectoryA
CreateThread
GetComputerNameA
LocalFree
PulseEvent
GetSystemTime
GetCommandLineW
GetModuleHandleA

user32

DrawMenuBar
CallWindowProcA
IsWindow
CreateWindowExA
DrawEdge
GetDlgItem
GetDC
FillRect
DispatchMessageA
GetScrollBarInfo
CheckRadioButton
SetFocus
GetKeyState

clbcatq

CheckMemoryGates
UpdateFromAppChange
DowngradeAPL
SetupOpen
SetSetupSave

desk.cpl

InstallScreenSaver

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 628KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ