96ae03f530725fdebb7a15a32efc054a_JaffaCakes118 | Triage

Sharing

General

Target

96ae03f530725fdebb7a15a32efc054a_JaffaCakes118
Size

81KB
MD5

96ae03f530725fdebb7a15a32efc054a
SHA1

0acf5b2d06ffa31de5b58ebf8d4c2d03d60fd227
SHA256

1dda1e65345afa0cef21eb2c8c5ea1afa958df4732d3e9207b146a328fd4ee6d
SHA512

16f17ed88c9e71b8bf8713b8916e9bf03e63422d7e1fe6cf9d21daddc79d8a9d9661a613aa01ca1b5d965500d6832f3f25d9815f9abbd0940188c2a56c57b557
SSDEEP

1536:YEAHkc4Rx8DaIJvyXq2WZAdm/8zw/0Zv+FOoQO2V3Vy2zCANUP5:YEAHkc4oD/Uq2gA8/8C0ZvD5PBNUP5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
96ae03f530725fdebb7a15a32efc054a_JaffaCakes118

Files

96ae03f530725fdebb7a15a32efc054a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f388df61528ef8badfa16ea006e67c4d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
ExitProcess
WriteConsoleOutputAttribute
VirtualProtect
GetModuleHandleA
GetStartupInfoA
GetModuleFileNameA

user32

GetUpdateRect
SetProcessWindowStation

Exports

Exports

Oypligqtnf
CreateWyqhlqvi
Ntirqcbjf
OpenPnrxtemtxuu
Pvaknbbe
Qfqgyhqpa
Xsrhdlufwkm

Sections

.text
Size: 7KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rcode
Size: - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata1
Size: 66KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrd
Size: 1024B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ