0ee4d51d5a0f9aea8ca8723f42767360_JaffaCakes118 | Triage

Sharing

General

Target

0ee4d51d5a0f9aea8ca8723f42767360_JaffaCakes118
Size

133KB
MD5

0ee4d51d5a0f9aea8ca8723f42767360
SHA1

f5bebe9f448a784b981bfdb096aeae5a5ef86699
SHA256

ed04eb1edb5cc01abc6c2bf6704e1684bbc8c4f7bd0a85ea41801d0296c12c35
SHA512

5633b37c1f61f29a5e30edc788ec15ea01c727ca76d82d9a54e699a21e20800d78d5da7809a5680ebad8a3af4656804d056783a0b6cf27e478fe45c09d48d3c8
SSDEEP

3072:2Y0j+T3dEUG2BKu10Q7IWqrmxBd0ydo09BFUQGB:31dEUG2Vj8WqrmxBd5DDW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ee4d51d5a0f9aea8ca8723f42767360_JaffaCakes118

Files

0ee4d51d5a0f9aea8ca8723f42767360_JaffaCakes118
.exe windows:4 windows x86 arch:x86

138454a318e52911418dddece3365503

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
lstrlenA
FindClose
EnumCalendarInfoA
GetCommandLineW
VirtualAllocEx
ExitProcess
LoadLibraryA

user32

LoadCursorA
PostQuitMessage
PeekMessageW
DrawMenuBar
GetActiveWindow
PostMessageA
CharLowerA
IsWindow
PtInRect
IsWindowEnabled
GetTopWindow
RedrawWindow
LoadIconA
GetMenu

Exports

Exports

6zfGyJW0Hysx
_bzCnYrgNBKL
_KFcBuDUlk6tK
CpL4vG_VRzWH
nOJDlkloI_Np@12
_DzWI9PQeoLlVx
_pVFXERQc_
C1DhOCraYv
rrR5IUUn@16
_5ApG8bXy4bWwjT
_bkZ7F87WTzflq
cXcQddXm

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data
.rdata
.rsrc/0/DIALOG/TEXTFILEDLG
.rsrc/0/MANIFEST/1
.xml
.rsrc/0/RCDATA/DVCLAL
.rsrc/0/STRING/4094
.rsrc/0/STRING/4095
.rsrc/1033/BITMAP/BBABORT.bmp
.rsrc/1033/version.txt
.text