c0f10559b8c71c76690fda038ab41407_JaffaCakes118 | Triage

Sharing

General

Target

c0f10559b8c71c76690fda038ab41407_JaffaCakes118
Size

197KB
MD5

c0f10559b8c71c76690fda038ab41407
SHA1

47b1c184169c542a6c9a0eb84e54eca38f21ce8c
SHA256

1de4976e1b2299ae80aec025f661ffd57e1bf7e68cc1cd6ca6d21a1ae2536a57
SHA512

d31e850a860946ade34502fc4cdb4bb7aa037a506ee1bd2657ac271ad33e9a806daefdbca71f8b763f102a415c75505c77a5f2e46e864897ef2e52cc15fa6bac
SSDEEP

6144:7SgXBK3wZ1EOLPGoDiWPGRnI/uQIUu36Z:9XBtZzLPGoDiWPGVImQ3J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c0f10559b8c71c76690fda038ab41407_JaffaCakes118

Files

c0f10559b8c71c76690fda038ab41407_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3395c02a2ea9ca734d816d258914b1bd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMutexA
IsDBCSLeadByte
TlsGetValue
AddAtomA
GetExitCodeThread
TlsFree
CompareStringA
GetConsoleCP
ReleaseMutex
SetEvent
GetThreadTimes
GetDefaultCommConfigW
GetModuleHandleA
VirtualAlloc
GetOEMCP
GetLargestConsoleWindowSize
GetThreadLocale
GetUserDefaultLangID
CreatePipe
CancelWaitableTimer
GetThreadPriority

user32

GetForegroundWindow
CloseWindow
GetDC
GetClassInfoExA
GetWindow
ReleaseDC
RegisterClassA
ShowWindow
ValidateRect
GetWindowTextA
InvalidateRect
IsIconic
ReleaseDC
GetClassNameA
GetActiveWindow
GetWindowTextLengthA
IsWindowVisible
GetFocus
GetSystemMetrics

tapi32

MMCSetServerConfig
MMCSetPhoneInfo
MMCSetLineInfo
MMCInitialize
MMCShutdown

lpk

LpkInitialize

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 780KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ