0c88618e366ff28555dda25b4509dfd6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0c88618e366ff28555dda25b4509dfd6_JaffaCakes118
Size

218KB
MD5

0c88618e366ff28555dda25b4509dfd6
SHA1

4dc1bae7baa058730ee6fb822ff892ebe98be278
SHA256

946f09981fb0161f81c9baf7db01d41457479f5e65c74fc40adf948fb3d209bf
SHA512

6867a19df82290cd4ca56d2ce9ed3747972d62697e9b77bc2a05a75ecc24268cf490e0ab516b77581705ac1e3e50936ffe4092c88b69503c234ba355ab75329d
SSDEEP

6144:l6syWB90GaTkczYt/sclTR6Yc9qwUfmf5O6iSI:sHOWYt0clr+hOJS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c88618e366ff28555dda25b4509dfd6_JaffaCakes118

Files

0c88618e366ff28555dda25b4509dfd6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

db4a0070cabf111ade9b2df3b238196f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetProcessHeap
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
VirtualAlloc
VirtualFree

user32

GetGuiResources

Sections

.text
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 356B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 213KB - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ