0d06025b47503762028ecb259fd04ea0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0d06025b47503762028ecb259fd04ea0_JaffaCakes118
Size

23KB
MD5

0d06025b47503762028ecb259fd04ea0
SHA1

e72d0c1b1ab62c3c9ff5338106f6d32c8c5df6e0
SHA256

b343fa486dc9432ec72258b7da7c908c7bf21ebc525675d84721723c671b3d0c
SHA512

052563483c7fe77c4a50fb839fb3d92295afdf0074b6bc39d59ef85fe450dd22c2c78422b33bbbe5a6e6b7094ba6678ec209c982d245d5536ba24cbec524a763
SSDEEP

384:vzNmTc6B4MicY8adduFo5Fow1v05r/QXiWNCViyQSEuT5F0Ez8M5FoAh61N:GcKOdwAqCl3yBT5tz8M5hh6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d06025b47503762028ecb259fd04ea0_JaffaCakes118

Files

0d06025b47503762028ecb259fd04ea0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

44c79d79498621c704ad9570aa839d51

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetFileSize
CreateEventA
lstrcpyW
IsBadWritePtr
ReadFile
LeaveCriticalSection
CloseHandle
lstrcatA
HeapSize
GetStringTypeA
GetLastError
SetFileTime
LoadLibraryA
GetModuleHandleA
InterlockedExchange
GetExitCodeProcess
HeapCreate
SetFileTime
GetStartupInfoW
SetConsoleTitleA
SetFileTime

mstscax

DllGetClassObject
DllUnregisterServer
DllRegisterServer
DllCanUnloadNow

shell32

DragAcceptFiles
SHGetDiskFreeSpaceA
StrChrA
SHGetSettings
ExtractIconA
DragQueryFileA
SHFree
DuplicateIcon
DllUnregisterServer
ShellMessageBoxW
DragFinish
SHGetMalloc
ShellAboutA

rasapi32

DwRasUninitialize

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rich
Size: 1KB - Virtual size: 176B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ole
Size: 512B - Virtual size: 95B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ