b0eae1540c14622b7832d2d355f865de_JaffaCakes118 | Triage

Sharing

General

Target

b0eae1540c14622b7832d2d355f865de_JaffaCakes118
Size

40KB
MD5

b0eae1540c14622b7832d2d355f865de
SHA1

7a23b4f34fac2e78ba1292adf6a5ddc70bd8cf8d
SHA256

f82c15b27b04c7f112eb19cb1ee7e33aafea600517e294cfb883846802ff336c
SHA512

04eb461e9fe031d8671c8886673dc59888107be330280c39cefae62374da26dc83f593193d550c43b3dcd76ef2ce0e6f2e2685284987aecde70b5d9fd762beee
SSDEEP

768:DYeP3nOFDB4d2WBluyKfG8V8hdNnvAaEsehn1YmfWKo7D0fScDy:DWBUoGImn1Kn1YmfWKDfScDy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b0eae1540c14622b7832d2d355f865de_JaffaCakes118

Files

b0eae1540c14622b7832d2d355f865de_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3b969a4292b6adc6ecd598af9e2e495b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvcrt

exit

advapi32

FreeSid

user32

CharNextW

oleaut32

VariantClear

ole32

CoTaskMemFree

loadperf

LoadPerfCounterTextStringsW

Sections

.MPRESS1
Size: 33KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE