0d770b9be2e5946b5889718249b4d5c6_JaffaCakes118 | Triage

Sharing

General

Target

0d770b9be2e5946b5889718249b4d5c6_JaffaCakes118
Size

4KB
MD5

0d770b9be2e5946b5889718249b4d5c6
SHA1

c5c97cf0ba3dc9c3afb7a6ab7d0edba20184fb7a
SHA256

bb6e633a0b707a11304843c250d32fc9902c1938c2a07c3161e529f66255e0a0
SHA512

c7f934ffc9db9cc47fe65e3c9eec978e3055e46fa8d720b377676a90df44f36766da0249f847256e43d08025089d8516f5adfe5f0efb41515eebf62063a972a0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d770b9be2e5946b5889718249b4d5c6_JaffaCakes118

Files

0d770b9be2e5946b5889718249b4d5c6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c5f9b3b361ed350f442e11e380aaf02f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleOutputCharacterW
GetCompressedFileSizeA
IsBadStringPtrA
GetWindowsDirectoryW

user32

SystemParametersInfoW
CharToOemBuffW
MapVirtualKeyA

gdi32

GetICMProfileA
GetObjectA
GetCharacterPlacementA
GetOutlineTextMetricsA

Sections

.fasm
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.��
Size: 512B - Virtual size: 390B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.��
Size: 512B - Virtual size: 463B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ