a0b3d2f1b0af90836a034d23adbcda6f_JaffaCakes118 | Triage

Sharing

General

Target

a0b3d2f1b0af90836a034d23adbcda6f_JaffaCakes118
Size

170KB
MD5

a0b3d2f1b0af90836a034d23adbcda6f
SHA1

e689b5375b4426ed5c95d8f5f32383630dcf2a0d
SHA256

249d7d5ff6c2c545edd1dc181ff5ffda65b8a657bc7a7a3a429650cc8678bc71
SHA512

4aacc97b1df2a3ebb2708f0d262ab3096c59dd568f758e2df648c73bbe097720c6cd62a069b6bb6268fbf46274d986504f8c3e7651de79429cdc369cc4f63444
SSDEEP

3072:ep/vouliHcfg841LWyA0RlHvtlueXJhF3FeOZpkiyvaMNGYJaUPWmP:6vouli4gdA0Dl8eX/F3XpWNGYJaxmP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a0b3d2f1b0af90836a034d23adbcda6f_JaffaCakes118

Files

a0b3d2f1b0af90836a034d23adbcda6f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

94bc6c25964e3d2c1a936962b9417bb1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetNextVDMCommand
FreeLibrary
FindResourceW
FindFirstFileW
SetThreadPriority
GetLocalTime
CompareStringA
LoadResource
FindClose
SetErrorMode
FileTimeToLocalFileTime
EnumResourceNamesW
FindNextFileW
SetEnvironmentVariableW
RegisterWaitForSingleObject
LocalFileTimeToFileTime
GetStringTypeW
SystemTimeToFileTime
FileTimeToSystemTime
GetShortPathNameW
SetCurrentDirectoryW
SearchPathW

user32

SetCapture
InvalidateRgn
RealGetWindowClassA
ValidateRect
GetCapture
ExcludeUpdateRgn
ValidateRgn
ReleaseCapture
GetUpdateRgn

Sections

.text
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 1024B - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ