0557ebb064d90f48fc4a9bd9b59942b2_JaffaCakes118 | Triage

Sharing

General

Target

0557ebb064d90f48fc4a9bd9b59942b2_JaffaCakes118
Size

32KB
MD5

0557ebb064d90f48fc4a9bd9b59942b2
SHA1

18613fc7fa3419b7b485b3584e2b93309abd0df3
SHA256

981ddf8d0ef1f0d7354fb49a99b837a4c9f18e1c14404650ff056c48995c1cb2
SHA512

e1346b3537ca5d3d3787879b79dbf70302eb911a34ad67c8ebc1ca8bc5ceed77dd4c1782317be3e5b7c9b532c98bdb668e4ef39a1e78d248bc7ea6e091e948b8
SSDEEP

384:4I4gRTWKs0nLw60GJdWXKVonXZabIfchK3n+ULLm9EqWm6wk/B4V:AmLqGfqKmXZaMEY3n+ULLQqZwgB8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0557ebb064d90f48fc4a9bd9b59942b2_JaffaCakes118

Files

0557ebb064d90f48fc4a9bd9b59942b2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4278480a3186073fb1ab5bf06d0588eb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
GetCommandLineA
ExitProcess

user32

CharNextA

ole32

CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

SysAllocStringLen
SysFreeString

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE