0cdc8452f2d77aa4559d10203daf12e2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0cdc8452f2d77aa4559d10203daf12e2_JaffaCakes118
Size

160KB
MD5

0cdc8452f2d77aa4559d10203daf12e2
SHA1

09e6b04069f7486597f029c64187d65fdcbd8a07
SHA256

f522cba258c1674be9afd865dc252d12ae9bb2c7c516dd62b66f17f05bd93013
SHA512

b556e4dc0b0950aa27b0928ee110dbd7726e57ecf45236d4b3e85939a69f56e70986de325cbd40c25e3bb4fc44136ce6d8b47457e564cd4a9093c040d218e0b6
SSDEEP

384:8yczqwQ5QgzzoZAOhWJHunRbh7LHgQvLnfxwEcUjN4Ejz5PnbH0abcebKJnajcvn:Dcz5wFv46unJh7TgQjf7BJzreJaYv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0cdc8452f2d77aa4559d10203daf12e2_JaffaCakes118

Files

0cdc8452f2d77aa4559d10203daf12e2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

13e1db28b50e9b570e33c31ba6aee855

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TranslateMessage
ShowWindow
SetTimer
RegisterClassExA
PostQuitMessage
MoveWindow
LoadIconA
LoadCursorA
KillTimer
GetMessageA
DispatchMessageA
DestroyWindow
DefWindowProcA
CreateWindowExA
UpdateWindow
wsprintfA

kernel32

lstrcpyA
WriteProcessMemory
SetFilePointer
ReadProcessMemory
ReadFile
LoadLibraryA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetCurrentProcess
GetCommandLineA
ExitProcess
CreateFileA
lstrlenA

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 830B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE