0a8b39780c44a17b76e5f98a09b86af7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0a8b39780c44a17b76e5f98a09b86af7_JaffaCakes118
Size

23KB
MD5

0a8b39780c44a17b76e5f98a09b86af7
SHA1

7c41565257ab0509fbccdf7037448a6bcf960a67
SHA256

e87f3c800f0ffb1e93ca99c57314b992a17619d843ea583e835978783dd0333a
SHA512

03cdbe87edcae929a2751bbc57f3a01dab2e34e11298ea986a6c1cab0f1be35cc5e1fa2092a1e773013d4ba174522afe52b59839e0feeb4cc54cbefb442f0986
SSDEEP

384:DZvrkDeeCHNhoWOnDfC/5g/DDjKAPfu1COQ:DlkxCrID5v5fu1Cr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a8b39780c44a17b76e5f98a09b86af7_JaffaCakes118

Files

0a8b39780c44a17b76e5f98a09b86af7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bd95935d134cdc539078ba76575f54c5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

LookupAccountSidW
RegCreateKeyExA
DeleteService
RegOpenKeyW

msvcrt

_iob
_waccess
ctime
_exit
wcslen
fclose
strerror
memset
__set_app_type
isalnum
atol
_lseeki64

kernel32

VirtualAlloc
EnumSystemLocalesA
ExitProcess
EnterCriticalSection
lstrcmpiW
UnhandledExceptionFilter
WriteConsoleW
HeapAlloc
CreateFileMappingW
GetSystemTimeAsFileTime
FileTimeToLocalFileTime
FlushFileBuffers

version

GetFileVersionInfoSizeW
GetFileVersionInfoA
VerQueryValueW
GetFileVersionInfoSizeA

gdi32

CreatePenIndirect
CreatePen
EndPage
ExtFloodFill
DeleteMetaFile
GetWindowExtEx
SetBitmapBits
SetBkMode
Pie
CreateRoundRectRgn
GetTextFaceW
SetViewportExtEx
GetObjectA

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 3KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE