0cccbcc205b8e3e9eb2f854926e8433e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0cccbcc205b8e3e9eb2f854926e8433e_JaffaCakes118
Size

801KB
MD5

0cccbcc205b8e3e9eb2f854926e8433e
SHA1

d05d89f95a383e43f02a0f188592c7157fe40088
SHA256

0392c9fa58b912b763480b223cc018bc571e92ba5ab23aa8b1a8c260d6ec2646
SHA512

11a8188226f97705f1fcae0420da26fb589d0227aba7abb74c936cd8564ca99229ddb29815c5f788a35c84d5e8de2cbc4046c58790508d435366fd2968d9c3f8
SSDEEP

12288:MmHMDJqmfw/CZUvTMuOkMSHapHiMNsIEcESS4N1tgNvvKIuPG4PQCD/1kAk8oChV:2twGyTl3qH8yESS4nGNHKND/KCTtI4P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0cccbcc205b8e3e9eb2f854926e8433e_JaffaCakes118

Files

0cccbcc205b8e3e9eb2f854926e8433e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fd335c24b0dd8c4761ce869ee5ba8ebf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

ReadFile
LoadLibraryA
CloseHandle
InitializeCriticalSection
HeapCreate
GetModuleHandleA
CreateEventA
LeaveCriticalSection
GetExitCodeProcess
GetFileSize
SetFileTime
IsBadWritePtr
HeapSize
SetFileTime
GetLastError
FormatMessageW
GetStartupInfoW
InterlockedExchange
lstrcatA
SetFileTime
lstrcpyA

mstscax

DllRegisterServer
DllUnregisterServer
DllCanUnloadNow
DllGetClassObject

shell32

StrChrA
SHGetMalloc
DragQueryFileA
SHGetDiskFreeSpaceA
DragAcceptFiles
ExtractIconA
ShellMessageBoxW
DllUnregisterServer
DuplicateIcon
SHGetSettings
ShellAboutA
DragFinish
SHFree

rasapi32

DwRasUninitialize

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rich
Size: 1KB - Virtual size: 176B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ole
Size: 512B - Virtual size: 112B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 787KB - Virtual size: 786KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ