0e1ee54a3ab643631e978a62ff96df84_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0e1ee54a3ab643631e978a62ff96df84_JaffaCakes118
Size

83KB
MD5

0e1ee54a3ab643631e978a62ff96df84
SHA1

7286c8c6afb65d1bdaf8270eb71bde6771836d3d
SHA256

ecc3034223ec2be6ffc64bc193bcd2903883231e7fd8924da0b3aaf3428a4e01
SHA512

de88bf4b24e66bb3cd9fe4d32d8262c0a2210c326df6260674cef46c10009fd06fe2c94b42b6eb4bfcc974d37a87e9cafd32c535c9b8bf74d824c43a4a359711
SSDEEP

1536:XIlDmTneNXfZY6zJYvnV1+k0vTgLypjVrs2ryrd1vUQuqUfsy:XcmTeNBY6zWvnV1jEHs2qV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e1ee54a3ab643631e978a62ff96df84_JaffaCakes118

Files

0e1ee54a3ab643631e978a62ff96df84_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d005cb6db7bc5155853170e8c2259e47

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumCalendarInfoW
FindNextVolumeW
EnumSystemCodePagesA
LoadModule
GetSystemDefaultUILanguage
SetFileApisToANSI
GetModuleHandleA
FindNextVolumeMountPointA
Process32First
InitAtomTable
SetConsoleDisplayMode

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brdata
Size: 27KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE