0a24e8beba626a17553b2e3ed7f6f773_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0a24e8beba626a17553b2e3ed7f6f773_JaffaCakes118
Size

152KB
MD5

0a24e8beba626a17553b2e3ed7f6f773
SHA1

1eaad9be78ece60663e17e0619a8be4df92998d8
SHA256

a9e50bff53ea47a4184ea60fe892fddc7e8962b896b40007bd5a07023fafdba6
SHA512

1cf453dd917f94fce1f9e495b5b5dc943bc6eb2969423d32e88f70b8ab98066a27ae774829c6c17ceef577ffd2853cc6d6305076b14c9acf8c155279f08d537b
SSDEEP

3072:SyFk/npj9wyxyLrWAfZ3zOTLhPMLPfy/uFEWrZGJGi24pvrDd8yCNGz:Sy8dKeyLrWAfZ3+P+Xy/u3rZG4i24pzT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a24e8beba626a17553b2e3ed7f6f773_JaffaCakes118

Files

0a24e8beba626a17553b2e3ed7f6f773_JaffaCakes118
.exe windows:4 windows x86 arch:x86

99b3efd38ae1009543e5455249697021

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetTextExtentExPointA
SetICMProfileA
SetWindowOrgEx
GetClipRgn
DeleteColorSpace
ArcTo

kernel32

lstrcpyW
SetConsoleTitleA
GetFileSizeEx
SwitchToThread
SetCurrentDirectoryA
GetModuleHandleW
ExitProcess
AddAtomA
VirtualAlloc
Module32FirstW
GetCommandLineW
GlobalMemoryStatusEx
GetCurrentProcessId
CloseHandle

iashlpr

ShutdownIas
MemFreeIas
InitializeIas
FreeAttributes
MemAllocIas
AllocateAttributes
DoRequest

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.CRT
Size: 5KB - Virtual size: 913KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 3.9MB - Virtual size: 5.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 1024B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 656B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ