0d631c1ff7c00088b9183b82b751ee9a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0d631c1ff7c00088b9183b82b751ee9a_JaffaCakes118
Size

328KB
MD5

0d631c1ff7c00088b9183b82b751ee9a
SHA1

7fa2ec46cfd93515889ccf72954ed5318fd2e13e
SHA256

64cf6d03508c902b0c5bbb42ad0b6c1c9eb48d9cf69f04874b33d3888be8197b
SHA512

a510a7aaa80d01b07e3b3db828d2fe60fef2242f28e71454babc8f9045c680dbb13e384be1434f203a61c636b2a21fcf8eb4e3f750cc3630c216b42105534705
SSDEEP

6144:VxVpBMDHXxy+CdFr/GJS0hGaMUXjyIU4Ozwp05M8:/7OD3wDjTGJZcatjQXzksM8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d631c1ff7c00088b9183b82b751ee9a_JaffaCakes118

Files

0d631c1ff7c00088b9183b82b751ee9a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8825c7b3f4770ef0f54a7664482e03eb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetAtomNameA
GetCommandLineA
GetStdHandle
HeapReAlloc
WaitForSingleObject
HeapCreate
GetSystemDefaultLangID
GetConsoleCP
InterlockedExchange
CompareFileTime
lstrlenA
GetModuleHandleA
WaitForMultipleObjects
VirtualProtect
GetVersion
SetConsoleCP
SuspendThread
SearchPathA
GetTickCount
GlobalUnlock
CloseHandle

user32

SetWindowPos
InvertRect
DispatchMessageA
InsertMenuA
FindWindowA
DragObject
CreateCursor
MessageBoxA
CopyImage
DestroyMenu
SetPropA
CreateMenu
GetKeyState
SetScrollInfo
DrawCaption
EnableScrollBar
DialogBoxParamA
IsDialogMessage
GetDlgItem
GetKeyboardLayout
GetCursorInfo
CreateIcon
DispatchMessageA

advapi32

RegEnumKeyA
RegCloseKey
RegCreateKeyExA
RegQueryInfoKeyA
RegEnumValueA

uxtheme

GetThemeColor

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 500KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ