0b781a98f2fb10f1dc4513e32c02deb5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0b781a98f2fb10f1dc4513e32c02deb5_JaffaCakes118
Size

746KB
MD5

0b781a98f2fb10f1dc4513e32c02deb5
SHA1

ec2b6aa38f99c4e3b08fdd3416f3d30aee49d460
SHA256

3372a9755071fa29f47031b1ee6930ba450e3b9537cfdf40261256b765046ae3
SHA512

1faf358d71c1d4a67b9294f9039afc288ec7d05923d2a315283d1c21674759a808f393fe473e83f15f3f55cf3736e7ceb131c7d62a49a2206c4fec8d5a63b6be
SSDEEP

12288:Tw628fbCPFzqNmFS7bfdTGYrizr5U1/s3Hplgowal2yOMStexo9fKdV6/kqjezgY:rrfbCPFomF+D+ZUC3JlgUlu6xo86/kn8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b781a98f2fb10f1dc4513e32c02deb5_JaffaCakes118

Files

0b781a98f2fb10f1dc4513e32c02deb5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

718b2883cbebcc1d8c273de6c705bd5d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
GetCurrentDirectoryW
GetCommandLineA
FindVolumeClose
ExitThread
MapViewOfFile
SetFileAttributesW
GetFileType
GetDriveTypeA
GetFileAttributesA
GlobalLock
WaitForMultipleObjects
FindVolumeClose
GetModuleHandleA
GetFileTime
GetEnvironmentVariableW
GetCommandLineW
LocalSize
lstrlenA
ReadFile
EnterCriticalSection
FindClose
HeapFree
HeapCreate
IsBadReadPtr

uxtheme

DrawThemeEdge
IsThemeActive
GetThemeColor
SetWindowTheme
OpenThemeData
CloseThemeData
GetThemeTextMetrics
GetThemeBool
GetThemeEnumValue
CloseThemeData
GetThemeTextExtent
DrawThemeBackground
GetWindowTheme

dmocx

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 738KB - Virtual size: 738KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE