0a65702c7cab048bd403abe7a7cfcb36_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0a65702c7cab048bd403abe7a7cfcb36_JaffaCakes118
Size

175KB
MD5

0a65702c7cab048bd403abe7a7cfcb36
SHA1

88e1e9d650833cd83b9a6c3b0cd8f457d0607fbd
SHA256

2cad2061261a5887b3448232204b1b083924b07186a33a87fa4849d43fc7f207
SHA512

c7f4427c7ef89ad4db947f54d6c3e2c13335e8dd20da33932ad1fa37e54f9d0713bfbf933e05887ca5a50cb1b1c0bda075ee1449d45cb04674f35f80bf4704b4
SSDEEP

3072:V5LRG0K+M6fIzuYYnRjWceRRvCu8fPoJjA/Z1wGn9szXuwn8hn/:Vdc0TXUY1W1RRKurJs/IjXuD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a65702c7cab048bd403abe7a7cfcb36_JaffaCakes118

Files

0a65702c7cab048bd403abe7a7cfcb36_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c9a069c974db629690a7f2aa28de0494

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

B:\zksmedhy\fweewC\bljqVRm\uxbhpcx.pdb

Imports

kernel32

LockFile
SystemTimeToFileTime
GlobalCompact
FindNextFileA
LocalSize
GetUserDefaultUILanguage
OpenFileMappingW
GlobalLock
CreateEventW
GetFileAttributesW
CreateDirectoryW
lstrlenW
GetModuleFileNameW
FoldStringW

user32

GetDesktopWindow
SetClassLongW
GetMenuState
RemoveMenu
wvsprintfA
InvertRect
DispatchMessageA
DialogBoxIndirectParamW
GetParent
IsCharAlphaW
DrawFrameControl
GetWindow
BringWindowToTop
GetWindowRect

ntdll

_aullrem

gdi32

RestoreDC
BitBlt
GetDIBits
GetPaletteEntries
GetDeviceCaps
ExtFloodFill
StretchDIBits
RectVisible

Exports

Exports

?lwXgystVbgBguquChb@@YGPAJPAJ@Z

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.new
Size: 131KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ