0e95cc5e6e3b58f94fa378d272fe81bf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0e95cc5e6e3b58f94fa378d272fe81bf_JaffaCakes118
Size

64KB
MD5

0e95cc5e6e3b58f94fa378d272fe81bf
SHA1

9bc1582b0926e6c49bc8bf64866acc18f8dbdc34
SHA256

002071dc55a001ab42f05afff273ac214278947d2d78fd88a773a0c31101281e
SHA512

f550e4d9f424ee3c4222f88ebd0b83645524e49db7dab9153dc88a1b7c219f247c22908dc78ba4d4604488a248dbb38b82f73c83ec748d2e4388311c5ca27c6b
SSDEEP

768:jkbuA3UxQfX3gx10Cfwiby5J1CehzThtGSKJjDT6vJYpbC3MWLcF8ERZyZ+p:jkyA3USfwD0CYiTY9KJjf6hYITLc6eS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e95cc5e6e3b58f94fa378d272fe81bf_JaffaCakes118

Files

0e95cc5e6e3b58f94fa378d272fe81bf_JaffaCakes118
.exe windows:8 windows x86 arch:x86

b5c2719b5b8b5fbb6530c97dc1760321

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
ReadFileEx
SetEnvironmentVariableA
GetLongPathNameA
LoadLibraryA
Sleep
Heap32First
GetLogicalDrives
GetPrivateProfileIntA
GetPrivateProfileIntA
lstrcpyW
GetDiskFreeSpaceW
FindResourceW
lstrcmpA
GetExitCodeProcess
InterlockedDecrement
HeapCreate
GetStringTypeW
GetCurrentDirectoryA
GetPrivateProfileSectionA
GetDiskFreeSpaceW
GetModuleHandleW
InterlockedIncrement

apphelp

SdbCreateMsiTransformFile
ApphelpCheckIME
ApphelpCheckExe
AllowPermLayer

clbcatq

CheckMemoryGates
CheckMemoryGates
SetSetupSave
DllGetClassObject
CheckMemoryGates
DllGetClassObject
ComPlusMigrate
SetupOpen
SetSetupSave
ComPlusMigrate
ComPlusMigrate
SetupOpen
SetupOpen

version

VerFindFileA

Sections

.text
Size: 1024B - Virtual size: 896B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE