00e52967bdf5bd8cf90c8133792425ae_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

00e52967bdf5bd8cf90c8133792425ae_JaffaCakes118
Size

182KB
MD5

00e52967bdf5bd8cf90c8133792425ae
SHA1

7206d4d7cbf3142dbf23e7e0c8b9e7f5834d049a
SHA256

4c04ca901319c588c6b185b491c319cddfacf7ba6770977fe88fe66499e5c8a6
SHA512

c61cb5ad6418f670cba64ddef69ba4df3388740f1a07acb5a8fa6b6898e53b1579059e28a07a2a64ce0324b0ffe27be0cd671e83fbcedf5e36b074218e747109
SSDEEP

3072:pmIxu2uI/e/+5iLndVvcQgKRNoDc20W6WdntWBZAPRBYpbw7Lu+bkaHQDrg1:pdxPJ7i5eQRacNW6ontWbAZBybULnHQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00e52967bdf5bd8cf90c8133792425ae_JaffaCakes118

Files

00e52967bdf5bd8cf90c8133792425ae_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a964ea4915ebf67cf66a90b822cb2c0e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenFileMappingW
OpenWaitableTimerW
GetTimeFormatW
GlobalAddAtomA
BuildCommDCBAndTimeoutsW
IsBadHugeWritePtr
GetStartupInfoW
GetCommandLineA
ExitProcess
GetStartupInfoA

user32

SendNotifyMessageW
EndMenu
DefFrameProcW
CharNextA
IsDialogMessageW
RealGetWindowClassA
DdeAccessData

Sections

.text
Size: 5KB - Virtual size: 809KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 173KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE