0fbb2fa7d7fc04653181c6142519cf49_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0fbb2fa7d7fc04653181c6142519cf49_JaffaCakes118
Size

191KB
MD5

0fbb2fa7d7fc04653181c6142519cf49
SHA1

514ee2848a91e5b55d6bdb2fce257f67d76d2414
SHA256

8c88ad5e3cb6b714bfc5b2ea891f20b9fd520e50ae6b4147a3360ca6d98a2856
SHA512

991a7004a7a5f0fbae8ee5b8348a3f18bca4577e14d08819cdade810c2a5fe3ff30bc14486e2f3f8f763b5f70d647d380851d6beef2876d65dbb4790f1bcafbf
SSDEEP

3072:FnGp5qb0Yb8/3fCHdx3n2hS1lgl8cVac5ucHmrlSV6evOxPgIipE+ZfQay6E0/mS:Fm5qb0w8/fC9xt1yl8cYcscGS6kOxII4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0fbb2fa7d7fc04653181c6142519cf49_JaffaCakes118

Files

0fbb2fa7d7fc04653181c6142519cf49_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Unifying\Data\Format.jhg

Exports

Exports

SetScreen@16
SendPointA@16
OnObjectNew@12
IncrementObjectOriginal@4
LoadStringOriginal@16
FindConfigEx@12
ValidateAppNameNew@12
SendClassOld@12
ShowVersionNew@4
RtlHeaderExW@12

Sections

.qhma
Size: 159KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.iJwkuN
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zoZn
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lvuFa
Size: - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ