0c641bb3c1e848df0824dbd707f93d2f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0c641bb3c1e848df0824dbd707f93d2f_JaffaCakes118
Size

3KB
MD5

0c641bb3c1e848df0824dbd707f93d2f
SHA1

1ec9e67113072aa4da705d34d4a8f69bb70669bd
SHA256

7e4c806cbb2baba7380aa116676559a4476f58e1ffd34c9c543aa275fa377ba7
SHA512

d18dd3e75a61638591ab1c6d51b0527f96f7e24035de8fedb988c149f3c0d875240c94ca124f0fe0ce3705f62e288e6721d56f04804cb1332a1b0d492e0698c0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c641bb3c1e848df0824dbd707f93d2f_JaffaCakes118

Files

0c641bb3c1e848df0824dbd707f93d2f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4bfde1223391e32fec766cd1d41fa3e7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

strlen
malloc
memset
_sleep
__argc
__argv
_environ
_XcptFilter
__set_app_type
_controlfp
__getmainargs
exit

kernel32

CreateProcessA
CloseHandle
SetUnhandledExceptionFilter

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 765B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 4B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE