00a345a141e0749bfe61705e3fdaaf6f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

00a345a141e0749bfe61705e3fdaaf6f_JaffaCakes118
Size

32KB
MD5

00a345a141e0749bfe61705e3fdaaf6f
SHA1

6e95c59b0e969134b494caaf641aa276ab02700f
SHA256

43ccc2793f66324cf7b9fbbd98217de22170d2dbb240364545f4b535c4c5256b
SHA512

4e6f27880509a2e942cb01ead4aeb1b89387b5fe42b6fa72951236818fdfbb8700c3e6d73db512db2999c4170a4c5112e4116ce60d5c464b84e50a62b9d5ddba
SSDEEP

384:4H4gRTWKsrP8NVoLUOgCa+AtcvNpHbOc/3t57eyhne:fb8NHOD9lzLPQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00a345a141e0749bfe61705e3fdaaf6f_JaffaCakes118

Files

00a345a141e0749bfe61705e3fdaaf6f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4278480a3186073fb1ab5bf06d0588eb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
GetCommandLineA
ExitProcess

user32

CharNextA

ole32

CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

SysAllocStringLen
SysFreeString

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE