0a9687da6f4cdae893b6837fce974712_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0a9687da6f4cdae893b6837fce974712_JaffaCakes118
Size

344KB
MD5

0a9687da6f4cdae893b6837fce974712
SHA1

3754cfddda21fe8054d50cd8c2f52bf98cb09e4c
SHA256

d2c20dcf7d14023e8d53e264797b58231fa0eae6b7baba2cf27ea3056276c715
SHA512

a873d5888321c35dedd3a19aa97c557952d544be8661b5ec1421cd6d88831bd8fe1b3875dd1bc33ce40d1ac5e01e717a5fb52142e6361f0d23e965585e12ff6d
SSDEEP

6144:iPxCznzUUbkYLbOsdpO4ZOGYUcZAU6x3Y+92j1UQm:+x6zUUIYHZdpL1ZtY+M1U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a9687da6f4cdae893b6837fce974712_JaffaCakes118

Files

0a9687da6f4cdae893b6837fce974712_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9d32dee28fc81e5e6366f371901c5c3e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
GetSystemInfo
SetConsoleCursorInfo
HeapAlloc
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
SetConsoleCtrlHandler
HeapFree
ExitProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
HeapReAlloc
TerminateProcess
IsDebuggerPresent

user32

GetSystemMenu
GetSystemMetrics

gdi32

GetSystemPaletteEntries

Sections

.text
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 280KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ