06d22095b262fbfcd2475fd9ac686206_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

06d22095b262fbfcd2475fd9ac686206_JaffaCakes118
Size

4KB
MD5

06d22095b262fbfcd2475fd9ac686206
SHA1

7bbcbaf06212223b53c373de578ab7fe82ca2adf
SHA256

21f647da395f18ceee102fbed06cd55b25314c0379d53b84ed68f54a2a654bd4
SHA512

a5dd702b86ba9e440a67d5977aa8b8de979b7cd6c41b8bac60437c11c0b41dfedd217a388bb9f4395f84e52d98e6f8e737eafcca4d14f94482d49cef2ec836ea
SSDEEP

48:qA2BUfdcnMWUUmuPUNU9lFshlsBvR9SO4H+bogF0nUL1zh:XzunTLbr8ON2eV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06d22095b262fbfcd2475fd9ac686206_JaffaCakes118

Files

06d22095b262fbfcd2475fd9ac686206_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f8562e488897b5732006be4981ac93eb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
LocalFree
CloseHandle
WriteFile
SetFilePointer
ReadFile
GetFileSizeEx
CreateFileW
LocalAlloc

user32

MessageBoxW

comdlg32

GetOpenFileNameW

shlwapi

StrCmpNIW

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ