0a4fc12f7948d8e0ffe7aec7b48440b2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0a4fc12f7948d8e0ffe7aec7b48440b2_JaffaCakes118
Size

12KB
MD5

0a4fc12f7948d8e0ffe7aec7b48440b2
SHA1

53b970d2bda5c208822c043a17dbc9a3feddf158
SHA256

c7c2282c1aab8e29ad4f86bb0414cbbae3cca5587e288c7ada351b2e49793b5d
SHA512

a81747d9c777beb520552208a279935e7856c1c1c2094bbb74f013d341bd44cabed945b46b2a9487d7771fadcd670d61dd0587fd4e4f456b4089e1dee40cf82b
SSDEEP

192:1TyLrWyCJA6/gMKwr3oiM2OoJi9HpsKdXK9VUucXE6:1T3k6/r3oPYY9GsXKADXE6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a4fc12f7948d8e0ffe7aec7b48440b2_JaffaCakes118

Files

0a4fc12f7948d8e0ffe7aec7b48440b2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6dd6b5471530e73eb6cabaae84761b3e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterClassExA
MessageBoxA
LoadStringW
GetDlgItemTextA
EndDialog
DialogBoxParamA
CreateWindowExA
wsprintfA

kernel32

lstrlenW
lstrlenA
lstrcpyA
VirtualFree
VirtualAlloc
Thread32Next
CloseHandle
CompareStringA
CreateToolhelp32Snapshot
DeleteFileA
ExitProcess
GetCommandLineA
GetCurrentProcessId
GetCurrentThreadId
GetFileSize
GetLastError
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
LoadLibraryA
Process32First
Process32Next
QueryPerformanceCounter
ReadFile
SetFileAttributesA
SetFilePointer
Sleep
Thread32First

advapi32

RegQueryValueA

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ