0cfabdeb3746d4bec1e2c2963f1ec273_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0cfabdeb3746d4bec1e2c2963f1ec273_JaffaCakes118
Size

413KB
MD5

0cfabdeb3746d4bec1e2c2963f1ec273
SHA1

d34bc86ea1b56594722a3b73a8b0215c5d66fdb1
SHA256

1deed9052b61d431258aed986d2ba769d2f229eebc4ac1ebb01803dd6a4fab26
SHA512

be0e083dadf23ccc23866914c068b3f4ff8c9bce135a7defbb8a4164fd570f930f08c98641bd0ad3c2ba5a60a09cb2f3059c568406ad1713daf78d832825b0ff
SSDEEP

12288:0r1We//H1u6jHeplQfYBL1aBGb0vbQTsibaJfjuV:kWA/HMa+QIamwJKV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0cfabdeb3746d4bec1e2c2963f1ec273_JaffaCakes118

Files

0cfabdeb3746d4bec1e2c2963f1ec273_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1e528881d50051087b0c3686b701bf7e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

LoadStringA

advapi32

GetUserNameA

ole32

CoInitialize

oleaut32

VarUI4FromStr

setupapi

SetupIterateCabinetA

comctl32

InitCommonControlsEx

Sections

.text
Size: 332KB - Virtual size: 444KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE