0bfb94ee00d14fd7653b3b3b3acf05ff_JaffaCakes118 | Triage

Sharing

General

Target

0bfb94ee00d14fd7653b3b3b3acf05ff_JaffaCakes118
Size

81KB
MD5

0bfb94ee00d14fd7653b3b3b3acf05ff
SHA1

2195ce527f3ec1792fcfe0fb1737a64b0b4bc0e6
SHA256

8542d76f91b3ef548525058415751752cf5cc8c29af2eea2af92937da559665e
SHA512

10fbf107ec08aa5190967dba107264d5a7252e3bbc45a0ecbbb7a0c2544066c3345223496739d63950f0bce61ac59550c8b2268aff4db18b4cd997664d6dcd4b
SSDEEP

1536:zhYHJQ1Ufz4jyTZNQ29KtqIppPP6hclwSqjo1JSgXURz2A1p5:dKQ1aUyTA29KYwPihclJPez285

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0bfb94ee00d14fd7653b3b3b3acf05ff_JaffaCakes118

Files

0bfb94ee00d14fd7653b3b3b3acf05ff_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b43646fe5948e62bca4f3a9563c8ca89

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
ExitProcess
WriteConsoleOutputAttribute
VirtualProtect
GetModuleHandleA
GetStartupInfoA
GetModuleFileNameA

user32

GetUpdateRect
CloseWindowStation

Exports

Exports

InitTfvawsgga
AddLiotbgfo
Mmnbxrfv
Ubonmmffj
Bnotspjkdy
Heqrpcpvm
Sokqeagk
Ougfhhnv

Sections

.text
Size: 7KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rcode
Size: - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata1
Size: 66KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrd
Size: 1024B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ