Static task: static1
Behavioral task: behavioral1
Sample: 0e8e2a3d12c7e408f514075f6e7cc0ee_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 0e8e2a3d12c7e408f514075f6e7cc0ee_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 0e8e2a3d12c7e408f514075f6e7cc0ee_JaffaCakes118
Size: 817KB
MD5: 0e8e2a3d12c7e408f514075f6e7cc0ee
SHA1: a8375f9a049bdf12d0419345ef5d3e798124d7ab
SHA256: 4a39ea58429ac9f119e1f29628f4d7a23a07f266d1610dcb1a3550df4244e7cc
SHA512: d00e2da05818734664f87834e8ab15d79dce25d7c87b33d9f23b981e76ddcf7ef91bb589dfa5f85f7b7b27a6cbeac717a1e884f207fa7cc080f2ca59845b2ac7
SSDEEP: 24576:I4Mxbjpr1xLPiAo1zwffnLOjlwLP2sfl6:0fpr/i/snLXPl
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0e8e2a3d12c7e408f514075f6e7cc0ee_JaffaCakes118
Files
0e8e2a3d12c7e408f514075f6e7cc0ee_JaffaCakes118.exe windows:4 windows x86 arch:x86
e627a247d3e575959db21b938c74dd82
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetCurrentDirectoryA
GetDiskFreeSpaceW
GetFileType
GetModuleHandleA
VirtualFree
VirtualProtectEx
lstrcpynA
CreateDirectoryW
lstrcpynA
GetCurrentThreadId
ReadConsoleA
lstrcpynA
lstrcpynA
GetPrivateProfileIntA
SetThreadPriority
lstrcpynA
lstrcatA
lstrcpynA
OpenMutexW
lstrcpynA
lstrcpynA
GetFileSize
GetCommandLineW
DeleteFileW
lstrcpynA
FormatMessageW
lstrcpynA
ReadFile
lstrcmpA
certmgr
DllRegisterServer
DllGetClassObject
DllUnregisterServer
DllCanUnloadNow
Sections
.text Size: 17KB - Virtual size: 23KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 795KB - Virtual size: 3.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bdata Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ