0c06ba6fb569423f9ec3fdb9f61a41ad_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0c06ba6fb569423f9ec3fdb9f61a41ad_JaffaCakes118
Size

49KB
MD5

0c06ba6fb569423f9ec3fdb9f61a41ad
SHA1

c0c192be4d40469a9bf45dc2b02998e6ba9ac615
SHA256

b4b977f74bbf114d9f33cf38ed4f4de66237abd782ba5cd7eb73cc5acccfcebf
SHA512

ee054811da29a963b2d87a4aa29cfdb2190cdac9bc877cc86bb6fcc23004eed14a9df09ee34122e68b09539fb568480907d3c95d25c401a101b47abe5f93298c
SSDEEP

1536:CU+MnerSHxPaDhp4UlvN4fcuslSHQnhIao9UiZ6WO:TyrS8Dhp5Kf+iQnE9U1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/movie1080p.mkv.exe

Files

0c06ba6fb569423f9ec3fdb9f61a41ad_JaffaCakes118
.zip
movie1080p.mkv.zip
.zip
movie1080p.mkv.exe
.exe windows:5 windows x86 arch:x86

f27a65460021bbc5e3efb1a50fae7fb3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

SetCurrentDirectoryW
VirtualProtect
TlsFree
TlsGetValue
CreateEventW
GetPrivateProfileIntA
lstrcpynA
GetCurrentThread
VirtualFree
GetLocaleInfoW
GetModuleHandleA
GetModuleFileNameW
lstrlenA
UnmapViewOfFile
FormatMessageA
GetStringTypeA
GetNumberFormatW
DeleteFileW
GetFullPathNameW

wmadmod

DllRegisterServer
DllUnregisterServer
DllGetClassObject
DllCanUnloadNow

Sections

.text
Size: 13KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.pdata
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE