0b1c896ae1c8141eb7a4bc02859af6fc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0b1c896ae1c8141eb7a4bc02859af6fc_JaffaCakes118
Size

358KB
MD5

0b1c896ae1c8141eb7a4bc02859af6fc
SHA1

0d87f497ef743a1fee886736549f272092959cce
SHA256

b3b2238ecda8ae84afad2c54db980d2a803a565b8e9098cf83e5f3505eb412a8
SHA512

c90ac7ee65aeee3c5bc0ef0a73f7b4439a51fb0abf598d6741c4fe22318025f822287172b5088e17606e6152f91c0b192102638b06041399ee488c340f2b9c6f
SSDEEP

6144:QP4smvkh2wB+61LBOGeSsQteetllEF7Cs1RHi4jOW2COGXclc8penaeG:k4smvkhLTLB3vsWPvEF7j12GMQa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b1c896ae1c8141eb7a4bc02859af6fc_JaffaCakes118

Files

0b1c896ae1c8141eb7a4bc02859af6fc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4d34258b947c859af62690bf804ff7dc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapDestroy
CloseHandle
Sleep
GetDiskFreeSpaceA
ExitProcess
GetModuleHandleA
lstrlenA
CreateThread
AddAtomA
SetEvent
VirtualProtect
ReleaseMutex
FindResourceExA
DeleteCriticalSection
GetLastError
SearchPathA
GetConsoleFontSize
GetTickCount
TlsGetValue
FindVolumeClose

user32

GetKeyState
CreateMenu
EndDialog
CopyImage
GetMessageA
DialogBoxParamA
DispatchMessageA
CreateWindowExA
EnableWindow
GetScrollBarInfo
DragDetect
CloseWindow
IsIconic
CopyIcon

wshbth

WSHIoctl
WSHOpenSocket2
WSHJoinLeaf
WSHNotify
NSPStartup

shell32

FreeIconList

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ