6a7ee5e0770da516a058107d8d41c067_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6a7ee5e0770da516a058107d8d41c067_JaffaCakes118
Size

43KB
MD5

6a7ee5e0770da516a058107d8d41c067
SHA1

295ee2702329d6f15d382fab858deaa19ab90360
SHA256

7d25cd96492899e91ee278b161d36808f088f4e26bda557e8368320ff0c909c1
SHA512

0dc43187c64747bb71ac7b2079b4ba39a29881670a16d9a1fd0362160c2f0fbf618cc7bce4b87f3f31a2cb168d104e39d810c4e40cb9f84446e1c3317a6971b6
SSDEEP

768:+cEbybTjVAAliMdErN2KKiTzFQD7mvq+JU+MAMsz1tpXcOUA3GxonSXq+QPj6jm:gEiXM6Z2KKaxQDivq+JxMIz1DMOU/xoj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a7ee5e0770da516a058107d8d41c067_JaffaCakes118

Files

6a7ee5e0770da516a058107d8d41c067_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b862bcdfd5f35c34bd40a999dae9de30

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
ExitProcess
GetACP
GetCommandLineA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetSystemTimeAsFileTime
HeapAlloc
VirtualAlloc
VirtualFree

msvcrt

__p__fmode
exit
fwprintf
isdigit
srand
strspn
wcscpy

ole32

CoCreateInstance
CoGetMalloc
CoInitialize
CoInitializeSecurity
CoTaskMemFree
StringFromCLSID
CoCreateGuid

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ