0f24481bca3217da6a12193fd4df25c6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0f24481bca3217da6a12193fd4df25c6_JaffaCakes118
Size

17KB
MD5

0f24481bca3217da6a12193fd4df25c6
SHA1

e9c242c4527653e2d23dbf7db9b9226be285da7e
SHA256

e7434356d384e60f0d54e7b0a11ce2e672c3c07657081555a802232e58834d61
SHA512

577856ce7c70471afa51321fc04b330d3cc52dc0f8a0cf7c05bc37cdb553de17c627b8b7beb35cdac7b5ac20453ef93f9b2506c9295f1cf2d10d36808bbf31fa
SSDEEP

192:6EvdNVqtI2OBQ/EYdmd2dhkfehcvh4KSC+vZWU/kqtWzBVkLTSQ:5vdNVqa2OBQ/cswWcvh3F+vZRp09eT7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f24481bca3217da6a12193fd4df25c6_JaffaCakes118

Files

0f24481bca3217da6a12193fd4df25c6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f354f340c10121f25d2da13f7365fc5f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
FreeLibrary
GetSystemDefaultLCID
GetLogicalDrives
GetCurrentThreadId
GetModuleFileNameA
GetACP
lstrcmpA
IsDBCSLeadByte
TlsSetValue
TlsFree
GetModuleHandleW
GetCurrentProcessId
TlsGetValue
TlsAlloc
GetSystemDefaultLangID
lstrcatA
GetCommandLineA
GetCurrentThread
GetCurrentProcess
GetDriveTypeW

user32

IsIconic
GetWindowTextA
GetForegroundWindow
UpdateWindow
ReleaseDC
BeginPaint
GetActiveWindow
GetWindowTextLengthA
ShowWindow
GetWindowDC
GetClassLongA
GetWindowLongA
GetWindow
GetDC
CreateWindowExA
IsWindowVisible
GetFocus
GetSystemMetrics
RegisterClassA

shell32

StrChrIA
StrRChrIA
StrChrA
StrCmpNIA
StrRChrA
StrCmpNA

msctf

DllRegisterServer
DllGetClassObject
TF_GetThreadFlags
DllCanUnloadNow

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ