0ce0d2ef13e43aae058002449047bbe2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0ce0d2ef13e43aae058002449047bbe2_JaffaCakes118
Size

161KB
MD5

0ce0d2ef13e43aae058002449047bbe2
SHA1

5222a5bb5cfad6086550d6f94be967005a3d15e9
SHA256

a8202025f67a8e8a74870dddada24e28b2e66ee173f351e4661070bd6ea085bf
SHA512

0c1f3ac7ab927e223fff76337e89862e8959ef1f3a7d2e296859af432d0b362647997809df73cedf468619ab12c2002270b07b1774dbcb727423fd8edd1f4cd4
SSDEEP

3072:2VqpE1ggvh9WW3DehddTCeBeHPks0VjP5aJ9v+SniYMNTwflKs:251DWW3ETJbs01P4FlgT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ce0d2ef13e43aae058002449047bbe2_JaffaCakes118

Files

0ce0d2ef13e43aae058002449047bbe2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f5131b998019e756eaa1f6a680614b79

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreatePenIndirect
GetTextColor
GetPaletteEntries
GetTextAlign

kernel32

LockResource
VirtualAllocEx
ExitProcess
LoadResource
LoadLibraryExA
LoadLibraryA

user32

GetSysColorBrush
LoadIconA
DrawFrameControl
IsCharLowerA
DrawIconEx
DrawIcon
CharLowerA
GetMenu

shell32

SHGetFolderPathA
SHFileOperationA

Exports

Exports

_C5Ia9Fy@16
CjnByvlDE@16
_tK7YGI9@8

Sections

CODE
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 655B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hdata
Size: 512B - Virtual size: 375B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ