0c7606e3f2f8ae8b8b04b27392fc2be0_JaffaCakes118 | Triage

Sharing

General

Target

0c7606e3f2f8ae8b8b04b27392fc2be0_JaffaCakes118
Size

95KB
MD5

0c7606e3f2f8ae8b8b04b27392fc2be0
SHA1

041e42a273c91aada00fa17ff08ca62a755fbd6b
SHA256

66473b4875a5acb6c72d45321335065839c7607678e0dd9bf028508895d96f9b
SHA512

6971700773c07bdd25c171daadab7efb8405b6b975b6bd9e71aa028429c7cae00506dbf23060418e6e2d37c3657a8af3b54ae79c3f4e9b99ecc8397aa3f426e1
SSDEEP

1536:cNEtQrCwzs6yO+s8iiUExoM/ygXNRxkusQRDV0sK1MbFUJno:cNPCwzDyFs8iyoM6gX5YQRB0sjad

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c7606e3f2f8ae8b8b04b27392fc2be0_JaffaCakes118

Files

0c7606e3f2f8ae8b8b04b27392fc2be0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

db6c5c35341ddc13d85bfdde2ab47499

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathGetDriveNumberW
StrCmpLogicalW
ord29
PathIsSameRootA
StrStrIW
StrPBrkA
PathIsRootW
UrlCompareA
PathGetCharTypeW
UrlGetPartA
ChrCmpIW
StrToIntA

kernel32

lstrcatA

user32

LoadBitmapA
IsMenu
IsCharLowerA
GetActiveWindow
GetProcessWindowStation
GetClassLongA

Exports

Exports

?LormDelete@@YGXUverifyEw@CA7
?LormSelect@@YGXUverifyEw@CA7

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.one
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.void
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zero
Size: 1024B - Virtual size: 805B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ