0a36ff9756610800eb13e0920b310e0a_JaffaCakes118 | Triage

Sharing

General

Target

0a36ff9756610800eb13e0920b310e0a_JaffaCakes118
Size

926KB
MD5

0a36ff9756610800eb13e0920b310e0a
SHA1

e00df6a8c25d6535b40568356d91b0b029fee91c
SHA256

d6ec75b359f9942ee20c29e21618808727af6ac191f3c964024835ee583573e9
SHA512

f588639c93a951a76a2c0e6fc3ae7f252297da4b0087f607f1573f806611060e42fae46409cfe2a1f0d24145722e61ce59a95d265f04a2cdbc1372e52c6a5db3
SSDEEP

24576:G+A9U3cGA+A9U0GjcFpCV6Lktse673epJv0sa:GF4cGAF6jYFdzepN0T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a36ff9756610800eb13e0920b310e0a_JaffaCakes118

Files

0a36ff9756610800eb13e0920b310e0a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cd8c8dcd1df8f70492ca512335433272

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

UpdateWindow
TranslateMessage
ShowWindow
SendMessageA
RegisterClassExA
PostQuitMessage
LoadIconA
LoadCursorA
GetMessageA
DispatchMessageA
DefWindowProcA
CreateWindowExA
wsprintfA

kernel32

GetModuleHandleA
LoadLibraryA
GlobalFree
lstrlenA
lstrcpynA
lstrcpyA
lstrcmpiA
lstrcatA
WriteFile
SizeofResource
SetFileAttributesA
RtlMoveMemory
LockResource
CloseHandle
CreateFileA
ExitProcess
FindResourceA
FreeResource
GetCommandLineA
GetEnvironmentVariableA
GetModuleFileNameA
GlobalAlloc
GetProcAddress
GetSystemDirectoryA
GetTempPathA
GetWindowsDirectoryA
LoadResource

shlwapi

PathFindFileNameA
PathFindExtensionA

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 985KB - Virtual size: 984KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE