0ca6476bc4f11bdafa642df04b624516_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0ca6476bc4f11bdafa642df04b624516_JaffaCakes118
Size

315KB
MD5

0ca6476bc4f11bdafa642df04b624516
SHA1

81063b21a686285d3af46ffbcd0e45e22f4aad11
SHA256

0ddf1b638ff79af9bc1deaaf45a8109447cfce791eb7d2a6fcf9e4034f05ef8e
SHA512

c8d6d861dcb0b310548cb8d59142b9412c7ef284ac183f78deb900835b847e9f18caf1da59cd58f4d3550b091ad83bf8d6ee6b55565ca72c9ebaa26e01385115
SSDEEP

6144:Xs4rfYwXCIq6BU5l8iHtDprW7e6AabtisH9fETmQrW/kYo/dTjLKI5pu0:tzYCC20l8atDtW1vvHaTliknlRu0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ca6476bc4f11bdafa642df04b624516_JaffaCakes118

Files

0ca6476bc4f11bdafa642df04b624516_JaffaCakes118
.exe windows:4 windows x86 arch:x86

abf57bab7c4b7997cbd2543a55eb15a5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExA
HeapCreate
ReleaseMutex
GetStdHandle
RemoveDirectoryA
GetLastError
GetACP
EnterCriticalSection
SetErrorMode
FindClose
FindFirstFileExA
SetEvent
RaiseException
VirtualProtect
InterlockedExchange
ResetEvent
GetLocaleInfoA
GetCommandLineA
GetSystemDirectoryA
GlobalFree
Sleep

user32

ValidateRect
GetWindowTextA
DrawTextA
FillRect
EndPaint
SetForegroundWindow
ReleaseDC
FlashWindowEx
GetActiveWindow
FrameRect
GetCursorPos
wsprintfA
IsIconic
GetWindow
ShowWindow
BeginPaint
GetParent
GetFocus
GetClassNameA

dnsapi

DnsApiFree
DnsApiAlloc
DnsFree
DnsStatusString
DnsApiRealloc

clbcatq

CoRegCleanup

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 700KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ