Static task
static1
Behavioral task
behavioral1
Sample
0ec18f975812aa145dfc5b0c28f951ce_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
0ec18f975812aa145dfc5b0c28f951ce_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
0ec18f975812aa145dfc5b0c28f951ce_JaffaCakes118
Size
1.5MB
MD5
0ec18f975812aa145dfc5b0c28f951ce
SHA1
17ae274f89b1400659f939fcc3af5a664c758cfe
SHA256
dc820ad5850671c8d94424753b136e8b8768b3b5dc5c25d499c70d72745944ee
SHA512
d3d59120d827fdd8f0421e9a004529ff255589a0b3d6ee19ec64681156ddda31471b5a9174366c5064516714be1c60008eb828d6528a6147788a882448c1ecc3
SSDEEP
24576:C6hRZf9b3NNKv5hSlXdqPeIFtT1if45Wg+IWy:5RZf9bdYv5AlXdqGaR1ifzg+I/
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0ec18f975812aa145dfc5b0c28f951ce_JaffaCakes118
Files
0ec18f975812aa145dfc5b0c28f951ce_JaffaCakes118.exe windows:4 windows x86 arch:x86
314a8e14a8d7f8fdce5ae404fa086d52
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VerifyVersionInfoA
FindNextVolumeMountPointA
SetComputerNameExA
GlobalFix
LZCloseFile
GetVersion
GetProfileIntA
IsProcessorFeaturePresent
VirtualAlloc
WriteConsoleA
SetThreadContext
EndUpdateResourceA
ReadConsoleInputA
EnumResourceNamesA
ClearCommError
GetThreadPriority
GetNumberFormatA
SetProcessPriorityBoost
HeapFree
GetConsoleMode
GetCommState
GetVersionExA
GetTempPathA
FileTimeToLocalFileTime
dpnlobby
DirectPlay8LobbyCreate
advapi32
CredFree
Sections
.text Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 832KB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 363KB - Virtual size: 362KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ