0a5c2cb49695f312d4fcd4db98fdfa28_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0a5c2cb49695f312d4fcd4db98fdfa28_JaffaCakes118
Size

16KB
MD5

0a5c2cb49695f312d4fcd4db98fdfa28
SHA1

c35c8dcdd2fc692d309e76ba4f04b0a8e7432987
SHA256

f5a621e09d57491b9df88cbf400872376beb97e9879601c3a7b479c7fa39d260
SHA512

8fe673576cd9d011377fc3088927ee1065a9ca2e5d3c4da6813ec04f0db9a3d2a1ee8ca07ab60498d47b710fe12e54764ce44277aed6c0a1e3f272e0262d0d35
SSDEEP

192:zGz1eEFW46/Qren84NwidrrAoCSjJct/V7771axMVm0osQf9QKGNYdwkiQJ5Zu:EwnjdrrLCS9cf7JaqVm08QoKkiWZu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a5c2cb49695f312d4fcd4db98fdfa28_JaffaCakes118

Files

0a5c2cb49695f312d4fcd4db98fdfa28_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5e5509fc08199fda59c06d2ab67f46dd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

kernel32

GetCommandLineA
ReleaseMutex
FreeLibrary
GetProcAddress
LoadLibraryExA
SetCurrentDirectoryA
SetErrorMode
WaitForSingleObject
GetLastError
MapViewOfFile
ExitProcess

ole32

OleInitialize
OleUninitialize

Sections

.text
Size: 481B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 523B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 650B - Virtual size: 646B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ