0b731cbdab80a10c7850830d01feaae9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0b731cbdab80a10c7850830d01feaae9_JaffaCakes118
Size

213KB
MD5

0b731cbdab80a10c7850830d01feaae9
SHA1

b7bb40fc83f8c0d73d25c4dd5f32351f48c65ff5
SHA256

e747c716baf5bd5f28aecfa02dbf916dfde1e3b3aece35ffe68aaeddee03ec75
SHA512

1873f569a9626c33a74b7859afb9240a4769e03db0616d7634ff156d556ff56ce00e4c50f327ef6bea693e051982694cd07f6a08cafd9514d6e9e9499b1f6166
SSDEEP

3072:cO9+rXEVCzzyb2kJ1XSceo7M2y+5MPzypuucOmWipS0oiRb8Q+dkcj5nsS2:ca+rQCKTTXyZ+5MLmuudmLS0orFVL2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b731cbdab80a10c7850830d01feaae9_JaffaCakes118

Files

0b731cbdab80a10c7850830d01feaae9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d1f431662e26aea57ed059cf3eff1689

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

setupapi

SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

kernel32

CreateFiber
UnhandledExceptionFilter
ExitProcess
GetLocaleInfoA
IsProcessorFeaturePresent
InterlockedCompareExchange
VirtualQuery
HeapAlloc
ResumeThread
GetCommandLineA
GetSystemInfo
HeapReAlloc
EnumResourceNamesA
HeapDestroy
VirtualFree
HeapSize
VirtualAlloc
GetACP
SetUnhandledExceptionFilter
SetThreadPriority
RtlUnwind
GetProcAddress
LoadLibraryA
TerminateProcess
VirtualProtect
WriteFile

user32

SetFocus
UnionRect
CallWindowProcA
IntersectRect
UnregisterClassA
GetKeyState
RegisterClassExA
EndPaint
GetParent
InvalidateRect
GetFocus
IsChild
GetClientRect
IsWindow
RealGetWindowClassA
PtInRect
BeginPaint
CreateWindowExA

Sections

.text
Size: 194KB - Virtual size: 194KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ