0c0b49984e05343c67c52b7a76b885bd_JaffaCakes118 | Triage

Sharing

General

Target

0c0b49984e05343c67c52b7a76b885bd_JaffaCakes118
Size

37KB
MD5

0c0b49984e05343c67c52b7a76b885bd
SHA1

3e55c363f7357bf12c973f20721a92d4d316f6b8
SHA256

cee2656e9def665fc86114169b87648ec76243289faa5194d05995154b9eb072
SHA512

11871a95bc7def2d1e20411a63b84f4a01b66984db63302d67f9b2ef61e4963279b4417a0e3e34f80f42352409bacbd694ff33b41762a19c79f4d5534578dd01
SSDEEP

768:TYSyLaG8o8KjFoj19TCv1KyhBqTfvv/wpvrsKx8QxlZbtY:TYHLX8VbuXqTfXmIKx8QVbG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c0b49984e05343c67c52b7a76b885bd_JaffaCakes118

Files

0c0b49984e05343c67c52b7a76b885bd_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1431665acb936e7aba2754059e96ae4a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetStartupInfoA
GetThreadLocale

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ