0b890e5933dee2a88ded5d331045b7a6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0b890e5933dee2a88ded5d331045b7a6_JaffaCakes118
Size

12KB
MD5

0b890e5933dee2a88ded5d331045b7a6
SHA1

ac0fe67b41162005d4edcba4a2338f99375b7b0e
SHA256

1a3b4eff0e9ad36dfd8f6846a200901d7f23510f7eff9c18bf868eb2947bada5
SHA512

bf1ce156031b2404b5ed56d073caba78c935a53b458db7d18115dbb0a9848e20141a00d307487efd7892e1f72a1357387299f904b3c766b0d8a44ac4ca29d091
SSDEEP

192:t+XcYGYAx7D1nbRYYA5VibZ6IaaSAn4ds:RYGP1ax3i6IaaSA4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b890e5933dee2a88ded5d331045b7a6_JaffaCakes118

Files

0b890e5933dee2a88ded5d331045b7a6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e81fd9cb1fcc8e3e302b109ea6695f1e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

1reatePipe
GetVolumeInformationA
1etStdHandle
1lsGetValue
1etThreadLocale
1lobalFindAtomA
1etProcessHeap
1etEvent
1etOEMCP
VirtualAlloc
1eleaseMutex
1reateMutexA
CompareStringA
GetModuleHandleA
GetExitCodeThread
IsDBCSLeadByte
CreateThread
GetConsoleCP
GetPriorityClass
GetUserDefaultLangID
TlsFree

user32

ValidateRect
GetWindowTextA
GetWindow
GetActiveWindow
GetClassNameA
CloseWindow
ShowWindow
IsIconic
GetForegroundWindow
InvalidateRect
DrawTextExA
ReleaseDC
RegisterClassA
GetDC
GetSystemMetrics
GetClassInfoExA
GetFocus
GetWindowTextLengthA
IsWindowVisible

shell32

SHGetMalloc
SHChangeNotify
SHBrowseForFolderA
SHGetFolderPathA
SHGetFileInfoA

userenv

LoadUserProfileA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ