a0b7bbe186c45c9d7e722802028c77a9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a0b7bbe186c45c9d7e722802028c77a9_JaffaCakes118
Size

144KB
MD5

a0b7bbe186c45c9d7e722802028c77a9
SHA1

60fe431580b532b99de5789bb770eefd1ca55175
SHA256

7b7ff284213ae7a4e65fe7fa6f1744902ef1fe034e0989d26784cb164eaf04d2
SHA512

58470a5a21670aaf84a087b31d038a31dcaa9a7ab5ca797d2005059a947033658d16fe730183d43930f3200d86b052b628f3e91fe27e2559f981984fba5ccdd2
SSDEEP

3072:IlCBkw1PRMJUpjFOAP+Y0dfKv3fVdM8XHp3Cnto:Il+kClP+ZfctSYHp3Cto

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a0b7bbe186c45c9d7e722802028c77a9_JaffaCakes118

Files

a0b7bbe186c45c9d7e722802028c77a9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e2f8e4d101fec52fe2ef54ae7e9270c1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
SetUnhandledExceptionFilter
LocalAlloc
GetModuleFileNameA
SetEvent
WaitForSingleObject
GetModuleHandleA
WaitForSingleObject
GetACP
GetModuleHandleW
MultiByteToWideChar
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
LocalFree
GetACP
LocalFree
GetModuleHandleA
GetProcessHeap
GetTickCount
GetCurrentThreadId
SetUnhandledExceptionFilter

ntdll

NtAllocateVirtualMemory

user32

SetTimer
DestroyWindow
SetTimer
GetMessageW
GetDC
ReleaseDC
ShowWindow
LoadIconW
GetSystemMetrics
SendMessageW
LoadIconW
ReleaseDC
GetMessageW
GetMessageW
SetTimer
LoadIconW
DestroyWindow
GetWindowRect
CreateWindowExW
GetWindowRect
GetDlgItem
PostMessageW
PostMessageW
GetDlgItem
GetWindowRect

Sections

.data
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.xdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ