0b0a4f645b3f8ebd5b4ab8b8754632ad_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0b0a4f645b3f8ebd5b4ab8b8754632ad_JaffaCakes118
Size

396KB
MD5

0b0a4f645b3f8ebd5b4ab8b8754632ad
SHA1

17c40585f40f0b224f0650512cc19ea14fc1eefd
SHA256

6cd3c1ca21b39c09441c0ee2568077b0b6b76fd6a36dd8dba0aa5f940d1f50c4
SHA512

bcaa638777a0c64fb523e033d7a9787e630b781654f3b08d78901d74b297bab8ff2297faf830b739b7a0f6ce8e87f6001ea3b8ca97bca46afb9be8748cc2cbe8
SSDEEP

6144:mVSV5llCW8UoWPaC5Y/ngRSxbBbz2THCKhACZ5Nv1QA7AhX2pfhAPGjA2NiFm:mVk598BBC52nucBiCGPV7AcFhA4N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b0a4f645b3f8ebd5b4ab8b8754632ad_JaffaCakes118

Files

0b0a4f645b3f8ebd5b4ab8b8754632ad_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ba7ec1eb72b3c23a97d0c0f4e5a508fa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileType
RemoveDirectoryA
Beep
CreateDirectoryW
CreateFileMappingW
GetDriveTypeA
FindClose
CreateMutexA
GetCommandLineA
ReleaseSemaphore
ReleaseMutex
OpenEventW
SetStdHandle
RemoveDirectoryA
DeleteFileA
GetModuleHandleA
WriteConsoleW
CreateFileA
FindClose
WriteFile
lstrlenA
ResetEvent
VirtualProtectEx
GetTickCount
HeapFree

user32

DestroyMenu
GetClassInfoA
IsWindow
IsZoomed
PeekMessageA
CreateIcon
DrawTextW
FindWindowA
GetSysColor
DispatchMessageA
MessageBoxA
GetWindowLongA
DestroyMenu

dmutil

DisplayError
DisplayError
DisplayError
DisplayError

Sections

.text
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 540KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 387KB - Virtual size: 387KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ