0f14d6e1c54d77610f2972feb6def5c1_JaffaCakes118 | Triage

Sharing

General

Target

0f14d6e1c54d77610f2972feb6def5c1_JaffaCakes118
Size

248KB
MD5

0f14d6e1c54d77610f2972feb6def5c1
SHA1

249c3683385ccc3233ac320d572990b98cf092a0
SHA256

a40450fbe085a4a23b10989a38c332a54cb4a900e024d411e24ea16126a493d1
SHA512

e9a8a9a7a0231526dad351198d6d72e61d09d53e53c6522e3e95d72aca0fa7a5508f066a78818ca9ae210dc4d2feb9b142f97f5ea25ea3ec56d14ed9505f8584
SSDEEP

6144:IrCcIbZIDRGw1rmTPyWTTYHgoLhHfmh481p:IGIDF1rmZTYHgoLq4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f14d6e1c54d77610f2972feb6def5c1_JaffaCakes118

Files

0f14d6e1c54d77610f2972feb6def5c1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

71f2c0649f41810d7078793e60cae60f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SwitchToThread
FindFirstVolumeMountPointA
GetModuleFileNameA
GetFileAttributesW
GetOEMCP
SetEndOfFile
TlsSetValue
TlsGetValue
lstrcatA
AddAtomA
VirtualAlloc
DeleteFileA
GetThreadLocale
TlsFree
GetSystemDefaultLCID
lstrcpyA
GetUserDefaultLCID
GetModuleHandleW
GetCurrentThreadId
IsDBCSLeadByte
GetCommandLineA

user32

GetForegroundWindow
IsIconic
ValidateRect
GetActiveWindow
GetFocus
RegisterClassA
GetWindowLongA
GetDC
InvalidateRect
GetWindow
IsWindowVisible
GetSystemMetrics
GetWindowTextA
ReleaseDC
GetClassInfoExA
ShowWindow
GetWindowTextLengthA
CloseWindow
ReleaseDC

psapi

GetModuleInformation
EmptyWorkingSet
EnumPageFilesA
GetWsChanges
GetModuleBaseNameA
GetMappedFileNameA

msctf

DllGetClassObject
DllRegisterServer

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 600KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ