0d294fed012e3ab6feb46465b2a96301_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0d294fed012e3ab6feb46465b2a96301_JaffaCakes118
Size

4.0MB
MD5

0d294fed012e3ab6feb46465b2a96301
SHA1

49ca210a3158ed9409116aaf5c7207e3575f5831
SHA256

e4caee281358e46ab6bd1e974d27dfb114268f9ce1d34ea421005c2c22b1ae07
SHA512

d0ce1747aef4ceb14c8b704201b02aa5cee502aa1b30e23458b9ce0bad66bc43de049b3496997400d46d4888924e9fbfe97892082d219ad5df19a4449da7fc7e
SSDEEP

98304:zHKoUd710BEDIFJHfkB6Ujf4s0vUcKUpx:zpUtOB2mMB6Y43Uc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d294fed012e3ab6feb46465b2a96301_JaffaCakes118

Files

0d294fed012e3ab6feb46465b2a96301_JaffaCakes118
.exe windows:5 windows x86 arch:x86

eef7b6bc9bd1cf2215fe5d1fbe730ae7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
ExitThread
VirtualProtect
DeleteTimerQueueEx
ExitProcess
ChangeTimerQueueTimer

user32

GetMonitorInfoA
GetClassNameA
PostThreadMessageW
PostThreadMessageA
IsMenu
RegisterWindowMessageA

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.3MB - Virtual size: 5.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ