0c6979da059f37d6fb8f7ff88829a94e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0c6979da059f37d6fb8f7ff88829a94e_JaffaCakes118
Size

315KB
MD5

0c6979da059f37d6fb8f7ff88829a94e
SHA1

462614234be16b212afa552d3eaadeaa281f5f05
SHA256

f9fd2eed1cf4984153371639c62dcd478406f272b43d754887a7484ff2e2417a
SHA512

13560b07beba9296b73dc838547241c31e859baecc1772dc86225d782feb60f53a358aff27991199d9357e183acc319b6d2df370da92c33c7c33b72f9e04b7b3
SSDEEP

6144:Gs4rfYwXCIq6BU5l8iHtDprW7e6AabtisH9fETmQrW/kYo/dTjLKI5pu0:kzYCC20l8atDtW1vvHaTliknlRu0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c6979da059f37d6fb8f7ff88829a94e_JaffaCakes118

Files

0c6979da059f37d6fb8f7ff88829a94e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

abf57bab7c4b7997cbd2543a55eb15a5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExA
HeapCreate
ReleaseMutex
GetStdHandle
RemoveDirectoryA
GetLastError
GetACP
EnterCriticalSection
SetErrorMode
FindClose
FindFirstFileExA
SetEvent
RaiseException
VirtualProtect
InterlockedExchange
ResetEvent
GetLocaleInfoA
GetCommandLineA
GetSystemDirectoryA
GlobalFree
Sleep

user32

ValidateRect
GetWindowTextA
DrawTextA
FillRect
EndPaint
SetForegroundWindow
ReleaseDC
FlashWindowEx
GetActiveWindow
FrameRect
GetCursorPos
wsprintfA
IsIconic
GetWindow
ShowWindow
BeginPaint
GetParent
GetFocus
GetClassNameA

dnsapi

DnsApiFree
DnsApiAlloc
DnsFree
DnsStatusString
DnsApiRealloc

clbcatq

CoRegCleanup

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 700KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ