0ef6b3ae7bc86757d8dadd34eeba535e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0ef6b3ae7bc86757d8dadd34eeba535e_JaffaCakes118
Size

2.1MB
MD5

0ef6b3ae7bc86757d8dadd34eeba535e
SHA1

6dec3bae83c06b746d4f71bc8dc6624df8435b51
SHA256

9be0033cbe394126b7df6adac9aa7655c5afa0e4256c63254b82a1829b338d4d
SHA512

13dd799033a33415fdcb22b26e38ff4b3a381bf8a62d79110cb048f218bb9315b27a79f504ad77a54625a39adc90437ecd0b9f9df696239138e86fee5e524402
SSDEEP

49152:W9XTHJqO5LtL0QE8UAumniu5xhsBQEA1VR5hbliJCV9VQkR:W9jH99tL0yuAiyhiQr1VRdiJ8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ef6b3ae7bc86757d8dadd34eeba535e_JaffaCakes118

Files

0ef6b3ae7bc86757d8dadd34eeba535e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a56f115ee5ef2625bd949acaeec66b76

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA

Sections

Size: 30KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

aavtbyza
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

jnexrxme
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE