a0bda62c7017b353477d6cd2f9324e08_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a0bda62c7017b353477d6cd2f9324e08_JaffaCakes118
Size

1.5MB
MD5

a0bda62c7017b353477d6cd2f9324e08
SHA1

9e4401c217715f4bddeefb87fc48f9b7b134c011
SHA256

53ada9f0aded5c0cac735b721470f76bd1ac117542ba5ab95c91baf944857100
SHA512

bbb0a7fa19430e5d8119cf655e493c6240104ee7fa02d4118c5c733702772f67b1d3d8dc18d8cfcb5320cbe4edfbdd540e911f770d28df8795b0dc9832d66b44
SSDEEP

49152:0pE7j5SdfwEbqW8oFAxct41mnrwOp2SCtD5Xav2qM5Y:hjwdYtW8omx2rwYI5Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a0bda62c7017b353477d6cd2f9324e08_JaffaCakes118

Files

a0bda62c7017b353477d6cd2f9324e08_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e54bd6d7e1f8cc11634350917c4eef06

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetCommandLineA

Sections

Size: 14KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 57KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

nvcygugy
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ztkvizyo
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE