0b802b0eb07a3573b7125bb33572e355_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0b802b0eb07a3573b7125bb33572e355_JaffaCakes118
Size

134KB
MD5

0b802b0eb07a3573b7125bb33572e355
SHA1

adca2cc1dc2c5281b78e27dc7d01305f2f84f12d
SHA256

64865d10bc832e8522e1b2baf440c1e5060eec16940404f21169f01245644e0a
SHA512

e90e5522e4ea032171b645fae3693892a947c5fe188064dd1e195e08ae4cdfa53aa486c01c80f86e63d5f334a44460cf9f5954229efe87a47f7b12d2fc1285c4
SSDEEP

3072:zy75OxPNym5CGQ4fjKcW2vnaCVgMMGaekFUuBcmxvcn2vYYOd7Hy5l:zyFOxQm8L4fjKD2vjVCWmxXYYOdO7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b802b0eb07a3573b7125bb33572e355_JaffaCakes118

Files

0b802b0eb07a3573b7125bb33572e355_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8772509c8444a21d465edc58b2f3df98

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetActiveWindow
GetClassInfoA
InflateRect
DispatchMessageA
GetMenuState
GetWindow
PeekMessageW
GetWindowLongA
OemToCharA
wsprintfA
LoadStringA
CreatePopupMenu
CharLowerBuffA
ActivateKeyboardLayout
UnhookWindowsHookEx
GetWindowRect
RegisterClipboardFormatA
DefMDIChildProcA
GetKeyState
GetKeyNameTextA
GetKeyboardLayout
DestroyCursor
TrackPopupMenu
ReleaseCapture
DestroyWindow
ShowScrollBar
GetMenuItemInfoA
SetClipboardData

oleaut32

SafeArrayUnaccessData
VariantCopyInd
RegisterTypeLib
OleLoadPicture
SysFreeString

kernel32

InitializeCriticalSection
GetCommandLineA
VirtualAlloc
RaiseException
Sleep
GetCurrentThreadId
LoadLibraryExA
GetModuleHandleA
FindResourceA
lstrcpynA
ResetEvent
GetEnvironmentStrings
MoveFileExA
GetProcAddress
FreeResource
GetStringTypeA
CompareStringA
GetLastError
ExitThread

Sections

CODE
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ