Static task: static1
Behavioral task: behavioral1
  Sample: 0dfd4356e1a431a25114e95c48047994_JaffaCakes118.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: 0dfd4356e1a431a25114e95c48047994_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
General
  Target: 0dfd4356e1a431a25114e95c48047994_JaffaCakes118
  Size: 110KB
  MD5: 0dfd4356e1a431a25114e95c48047994
  SHA1: 33306bd961010fb9bc44554be31b93bc05b0764c
  SHA256: 98a41f7039b8063be3bab8a9c94b6c943211de0614893478d74856fefeafc275
  SHA512: 0ec7d2790a0794bde99e5d821353c11a9a69f052f1be48af609f394874dfbf929f880e648b0f2873a65974b296fa725a48479a3eaeb741495b40b33d0b42e900
  SSDEEP: 1536:5Z6okAcnn3C5F2U4NZBGXMQ5drB9cEsyLXNAOHroLJESRT+nk45U1w89nu4cGJFC:5Z6lAQEH4NGcQfrTQkdAgoL+Vkweyb
Malware Config
Signatures
  Unsigned PE (1 IoCs)
    Checks for missing Authenticode signature.
    resource: 0dfd4356e1a431a25114e95c48047994_JaffaCakes118
Files
0dfd4356e1a431a25114e95c48047994_JaffaCakes118.exe windows:5 windows x86 arch:x86
b343731952b6e4319b413c288ec1a9de
Headers
  File Characteristics
    IMAGE_FILE_RELOCS_STRIPPED
    IMAGE_FILE_EXECUTABLE_IMAGE
    IMAGE_FILE_32BIT_MACHINE
Imports
  kernel32
    GetFileAttributesW
    GetEnvironmentStrings
    lstrcmpiW
    GetModuleHandleW
    GetLocalTime
    GetFileType
    LocalFree
    OutputDebugStringA
    GetStringTypeExA
    MultiByteToWideChar
    SetHandleCount
    SetFileAttributesA
    VirtualProtectEx
    GetSystemInfo
    GetCommandLineW
    GetStdHandle
    SetErrorMode
    OpenProcess
    GetProcessHeap
    GetProcAddress
    GetStringTypeW
    SetCurrentDirectoryA
    VirtualAlloc
  msvcrt
    __p__fmode
    __p__commode
    calloc
    _exit
    __p___initenv
    _XcptFilter
    __set_app_type
    _initterm
    _adjust_fdiv
    __getmainargs
    __setusermatherr
    free
    _except_handler3
    _controlfp
Sections
  .text Size: 8KB - Virtual size: 7KB
    IMAGE_SCN_CNT_CODE
    IMAGE_SCN_MEM_EXECUTE
    IMAGE_SCN_MEM_READ
  .data Size: 23KB - Virtual size: 39KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE
  .rsrc Size: 78KB - Virtual size: 77KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ