002cff85b6acdf8d95b6f5d485e2c52a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

002cff85b6acdf8d95b6f5d485e2c52a_JaffaCakes118
Size

32KB
MD5

002cff85b6acdf8d95b6f5d485e2c52a
SHA1

ce3b907760bceabc073cd0def1dc538ea7c38294
SHA256

4caf5b132b6da35e5365f0ed640f6ee4862486a2715526cefb7dd3b3d83cd065
SHA512

ac59e605fb57177e096c0f8cb4cd263637d0407012a10a2f772b2b7dee061cfa53660d2c7885f60b86ece0f1deb10960f30f0cc694471bcc61b83b238427a808
SSDEEP

384:4g4gRTWKsRgxIYYO41Yy4jstLRLag1OZY0VhjQtyEHMnqihdAC3EQy+rR4R:IR+21Yy4j+egIu0V4yqK7hdOQV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
002cff85b6acdf8d95b6f5d485e2c52a_JaffaCakes118

Files

002cff85b6acdf8d95b6f5d485e2c52a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4278480a3186073fb1ab5bf06d0588eb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
GetCommandLineA
ExitProcess

user32

CharNextA

ole32

CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

SysAllocStringLen
SysFreeString

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE