0f01dcbbbf388a636a6126aa27a7eefd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0f01dcbbbf388a636a6126aa27a7eefd_JaffaCakes118
Size

306KB
MD5

0f01dcbbbf388a636a6126aa27a7eefd
SHA1

7a6bba252b29c70987a685b8ce989e7bcad3d3c2
SHA256

511cdbb40e9bc6f4c5d0cb27a28b88a1ae12c349b92f1ced1c23082cbc343e8a
SHA512

64fc99bd6af0464bdf8b9254ab2ae662055ca6b4d96d44f2f54b236399273e2f795f5b2419ce983b468c16ca999ee1657e1c70a4cda1493921b1a18f37ecbefa
SSDEEP

6144:LEO963+V7c3hpIRKWCsA7RC2x+F2A5H7vEOYSxt/rjmvqh0BIRaZD:7U+dcRpZ8A7dAHLEXQt/UI4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f01dcbbbf388a636a6126aa27a7eefd_JaffaCakes118

Files

0f01dcbbbf388a636a6126aa27a7eefd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6e8d4b1af6bbacaeb4f08f8acbf45f48

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DispatchMessageA
SetThreadDesktop
LoadCursorA
EndDialog
ToUnicode
GetKeyboardState
CharLowerBuffA
GetDlgItemTextA
GetDlgItem
GetClipboardData
GetForegroundWindow
SetProcessWindowStation
GetWindowTextA
DrawIcon
ExitWindowsEx

kernel32

VirtualAlloc
VirtualProtect
GetFileSizeEx
FindClose
GetFileAttributesW
lstrlenA
GetTickCount
GetTimeZoneInformation
LeaveCriticalSection
lstrcatW
InitializeCriticalSection
GetSystemTimeAsFileTime
GetModuleFileNameW
GetUserDefaultUILanguage
GetSystemTime
OpenMutexW

shlwapi

wvnsprintfA
wvnsprintfW
wnsprintfW
PathFileExistsW
PathCombineW
PathMatchSpecW
wnsprintfA
PathFindFileNameW
StrStrW
SHDeleteKeyA
StrCmpNIW

advapi32

DuplicateTokenEx
RegEnumKeyExA
GetUserNameW
RegDeleteValueA
RegQueryValueExA
RegCreateKeyExA
CryptReleaseContext
CryptCreateHash
RegCloseKey
CryptHashData
CryptDestroyHash
CryptGetHashParam

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE