0a9e9cf3466212dcf28fdef8e7acdc9c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0a9e9cf3466212dcf28fdef8e7acdc9c_JaffaCakes118
Size

336KB
MD5

0a9e9cf3466212dcf28fdef8e7acdc9c
SHA1

d4de7c288d3cb542c248f617349b81f1358db7af
SHA256

cd7f12c1027b69bdeaa0f387de80268dff720c9ea2d434eed4071801b8f7b426
SHA512

c8703b7ba5b8ffcd184cf4ca052bfe2e1aeda1341e33a29847eed3f64cfb2c2a834d5f67f315415dd964c9687da07e9ac648acc879855c39d87c86724e554b60
SSDEEP

6144:pS/Xk3hgQefn1oQV4x5GPkWgf7QNLX+dWLFTaXv1KYxBc5QxH6UB+J:cs3hgQefntQUcxfUr0WRovpvcIEJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a9e9cf3466212dcf28fdef8e7acdc9c_JaffaCakes118

Files

0a9e9cf3466212dcf28fdef8e7acdc9c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e9727e0d117c654f7b47574d125eb181

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
CloseHandle
CreateFileA
ReleaseMutex
GetCommandLineW
GetDiskFreeSpaceW
SetEvent
CreateThread
lstrcmpW
HeapCreate
GetModuleHandleA
GetTickCount
GetFileAttributesW
GetComputerNameA
ResetEvent
GetSystemTime
GetDriveTypeA
LoadLibraryA
LocalFree
FindAtomW

user32

SetFocus
GetDlgItem
DrawStateA
CallWindowProcA
DestroyCaret
CloseWindow
GetKeyState
CreateWindowExA
GetClassInfoA
FillRect
GetClipCursor
GetComboBoxInfo
DispatchMessageA

cryptdll

MD5Final
MD5Init
CDLocateRng
CDRegisterRng
CDBuildVect

desk.cpl

DisplaySaveSettings

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 324KB - Virtual size: 323KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ