0e7b0c3aaf008b3497bdc4b46410c020_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0e7b0c3aaf008b3497bdc4b46410c020_JaffaCakes118
Size

134KB
MD5

0e7b0c3aaf008b3497bdc4b46410c020
SHA1

08156c8237742a04c359d2686cb22d616a17610e
SHA256

083f2380ae7431b094951ab00345dca955cdbe24c49c03f1d1b4794684b2868c
SHA512

44e13381a0a7d9ec5525659c0a47968c2c3324e79fc438825d06683371f1d8250f2a7c453415995bd4a7eb90df9f893e54983d29f2f083d9be43275634bd5e2a
SSDEEP

3072:FKy3JFS5T7QrhHQ1VDmD34FFmAfaH3rr2E8X9I:FKy3JFSBQICz4FFpaHGE8X6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e7b0c3aaf008b3497bdc4b46410c020_JaffaCakes118

Files

0e7b0c3aaf008b3497bdc4b46410c020_JaffaCakes118
.exe windows:4 windows x86 arch:x86

30e41d76dd3e6950a9eadd3ecb3dfd62

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileA
LocalAlloc
DeleteFileA
LoadLibraryA
FindClose
VirtualAlloc
EnumCalendarInfoA

user32

GetWindowLongA
GetWindowLongW
GetWindowPlacement
GetWindowRect
GetMenu

Exports

Exports

_o_AAP0U@16
G017Ujx15
_XEVOSL@20
Yjr0Q@4
TSQiKw87LsIcm3
PIGODe@24
_SfaPIK@4
lcnYYxNGEDvYJn@12
5Ono5PiZh

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data
.rdata
.rsrc/0/DIALOG/TEXTFILEDLG
.rsrc/0/MANIFEST/1
.xml
.rsrc/0/RCDATA/DVCLAL
.rsrc/0/STRING/4094
.rsrc/0/STRING/4095
.rsrc/1033/BITMAP/BBABORT.bmp
.rsrc/1033/version.txt
.text