Static task
static1
Behavioral task
behavioral1
Sample
02cea97c01ef336aca0a0ce4c443f9cf_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
02cea97c01ef336aca0a0ce4c443f9cf_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
02cea97c01ef336aca0a0ce4c443f9cf_JaffaCakes118
Size
2.5MB
MD5
02cea97c01ef336aca0a0ce4c443f9cf
SHA1
d9f763e9021e181dcc3b6f44b4bfb7a90d154fa4
SHA256
afbe636742e2a153389f6cdee3e64719e28c059a3cc39ae1f23bbf37711e3ec7
SHA512
0537b845485e6e3450ce6ed48492ed30c7e9409a025c8ef03df0ed381087f3152407c239b97c4f9df106cf72c6b75a3304ba09f56372244ee058737fe97c7151
SSDEEP
24576:t/ynICkpmBr6e3zPxrrphDH45PQ6fOl4+2qkP8W6g7RJJWi6YEZu7gUa//8lpb2/:pynIT92xrrphR6uzqWZacXQRI
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 02cea97c01ef336aca0a0ce4c443f9cf_JaffaCakes118
Files
02cea97c01ef336aca0a0ce4c443f9cf_JaffaCakes118.exe windows:4 windows x86 arch:x86
41dc35e1b9913e894f840527db5adcbf
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VirtualAlloc
GetCurrentProcessId
GetConsoleOutputCP
ProcessIdToSessionId
GetProfileIntA
lstrcmpi
SearchPathA
GetThreadContext
GetSystemDirectoryA
OpenJobObjectA
AddConsoleAliasA
GetComputerNameExA
SetFileValidData
LZOpenFileA
GetSystemInfo
GetSystemDirectoryA
GetLocalTime
WriteConsoleInputA
SetComputerNameA
WriteConsoleOutputA
SetThreadExecutionState
OpenFileMappingA
CompareStringA
d3d9
Direct3DCreate9
advapi32
CredFree
Sections
.text Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 800KB - Virtual size: 1.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 395KB - Virtual size: 395KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ