0c9e2e105eaa6372722a934f988c2db6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0c9e2e105eaa6372722a934f988c2db6_JaffaCakes118
Size

18KB
MD5

0c9e2e105eaa6372722a934f988c2db6
SHA1

4066fe65d11cade5d2c5c24314edb91e2c78fa50
SHA256

a12789b9b10f3426f2968dec63aa1e69c5f11ac1b71682f5dab514d67096026b
SHA512

05d693b350b7acb352b2357a440692cfdbe9fcb03e9d4339404a2ec2b7343d59e8d82dacb4d85feb71bf3fbc177293c3719e4d099a92320fd5f6b2e68e5d8222
SSDEEP

192:O6MWWzYcdcRB8sOmW7UE6Brfje8mBhohfWIXeMFK07lVJTa0qtHWx:NQzXdc3RW7UJrjDUhQRlVla0zx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c9e2e105eaa6372722a934f988c2db6_JaffaCakes118

Files

0c9e2e105eaa6372722a934f988c2db6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c96dd16ef3169aed6efb8c3ddc32adaa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
WaitForSingleObject
IsDebuggerPresent
GlobalMemoryStatus
HeapQueryInformation
HeapDestroy
InterlockedExchange
GetCurrentProcessId
GetStdHandle
HeapCreate
GetCurrentThread
GetACP
GetTapeStatus
GetProcessHeap
GetProcessVersion
CreateIoCompletionPort
GetLogicalDrives
GetTimeFormatA
VirtualProtect
LoadLibraryExA
GetEnvironmentStringsA

user32

GetParent
BeginPaint
GetFocus
SetForegroundWindow
FrameRect
GetClassNameA
DrawTextA
GetWindow
GetCursorPos
DragDetect
GetWindowTextLengthA
FillRect
EndPaint
ShowWindow
ReleaseDC
GetTitleBarInfo
GetDlgItem
SetActiveWindow
wsprintfA

advapi32

RegSetValueExA
RegFlushKey
RegEnumKeyA
RegCloseKey
RegCreateKeyA

setupapi

SetupCloseLog

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ