0f60356013a04875c9e7570a3e8fe341_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0f60356013a04875c9e7570a3e8fe341_JaffaCakes118
Size

159KB
MD5

0f60356013a04875c9e7570a3e8fe341
SHA1

7421e4e5d8cc3df675364cedf0982a3100b23ae6
SHA256

833d0582b9f436a19af5dc0c3430a45d07bbc69d4d9d8058e1d336e66bf1ed58
SHA512

b4aca8b341d4c5c3027831bb5f7135195c68bc6b867323455e21326757a43af5a66fc9f531c8c8127520d487bb91bb7ca756d721b442f3674d7023edf9538e1b
SSDEEP

3072:I3Hk0R9wSavli8UfaLeslkcW6Le7WbIqElXZxZWLwCoL2QQjBHphj:GHkmGfli8Cpxc72WbIflpxZWiL2QqBJh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f60356013a04875c9e7570a3e8fe341_JaffaCakes118

Files

0f60356013a04875c9e7570a3e8fe341_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b7b9c71123aab6a1e9d2182b68b1b9a5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstVolumeA
TlsAlloc
GetProcessId
GetStartupInfoA
EnumResourceTypesA
InitializeCriticalSection
ProcessIdToSessionId
TlsFree
TlsGetValue
GetFileType

oleacc

LresultFromObject

user32

GetUpdateRgn
GetWindowInfo
CreateWindowExW
GetDC
LoadCursorW
MessageBoxW
RegisterClassExW
EndDialog

Sections

.text
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 612B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.apexi
Size: 1024B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ