Static task
static1
Behavioral task
behavioral1
Sample
d0bb2aa2a74dbbd2591b5a11ca9760d4_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
d0bb2aa2a74dbbd2591b5a11ca9760d4_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
d0bb2aa2a74dbbd2591b5a11ca9760d4_JaffaCakes118
-
Size
836KB
-
MD5
d0bb2aa2a74dbbd2591b5a11ca9760d4
-
SHA1
a1b292258a15fcb423fadbb38742746523aa188a
-
SHA256
48efde87a65699bd0d40dd0bf830e3514c46ea72f99800a9cd4a95c017950fa1
-
SHA512
ac63c9344d86008552d599f45393a2b573f3c4caff65b48af678bcfeb22f0c73613baec7f5ff8004426c132b638353d755b6a13f1771ff6f7131aac9b9294915
-
SSDEEP
24576:xTiz0F0QbZ2StFVnipCridUOork2ZSeSfLXVwRM6HvZ:ZizYZX1uXdMdAkfPZ
Malware Config
Signatures
-
Unsigned PE 1 IoCs
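Checks for a missing Authenticode signature; the rule matched the resource listed below. A missing signature is a weak indicator on its own, because many legitimate binaries are also unsigned, so corroborate it with the other static and behavioral findings.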
resource d0bb2aa2a74dbbd2591b5a11ca9760d4_JaffaCakes118
Files
-
d0bb2aa2a74dbbd2591b5a11ca9760d4_JaffaCakes118.exe windows:4 windows x86 arch:x86
2ec4f42a93a6c493b6169f6e88d0ee27
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetACP
SetLastError
GetCPInfo
GetModuleFileNameA
LoadLibraryA
DuplicateHandle
VirtualAlloc
FreeConsole
lstrcatA
lstrcpynA
Sleep
lstrcpyA
OutputDebugStringA
GetLastError
GetModuleHandleA
GetCommandLineA
CloseHandle
UnlockFile
ExitProcess
LockFile
CreateFileA
user32
GetQueueStatus
MessageBoxA
GetProcessDefaultLayout
GetAncestor
GetParent
GetProcessWindowStation
IsWindow
SetTimer
KillTimer
comdlg32
ChooseFontA
PrintDlgA
ole32
CoInitialize
Sections
.text Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 946B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 84KB - Virtual size: 81KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ