aa81d4ae9703603987fa175f1b5de8b5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aa81d4ae9703603987fa175f1b5de8b5_JaffaCakes118
Size

132KB
MD5

aa81d4ae9703603987fa175f1b5de8b5
SHA1

36d779cec19100263918452cea9706cb45973b71
SHA256

03224eb28036aec4139ae43197a367c0f0409e9e93a6e7bafe425dbdc00cd81c
SHA512

0cd2227b1c49e81bb6f47213ac61116dcbdcd7246300104d791a543b3607c9225e4c463d8173bde978ec804a1bcdd36935a28146b7ebf3bff1ea34dd3404a20d
SSDEEP

3072:eGEh7shUF3j89hyeE9xruzObqEv2UCM3EEFnSCUUyZebbyDiQ:eGfS89Ixr4gzOUH3DnSCUUnii

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa81d4ae9703603987fa175f1b5de8b5_JaffaCakes118

Files

aa81d4ae9703603987fa175f1b5de8b5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9f671dd006d6256e4d5115b83ef7ffd3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoInitialize

kernel32

LoadLibraryA

Exports

Exports

=EpticalDword@888GPAUHINSTANCE__@@U_COMMPROP@@`D
?OpticalMode@888GPAUHINSTANCE__@@U_COMMPROP@@`D
?OpticalReverse@888GPAUHINSTANCE__@@U_COMMPROP@@`D
?OpticalSound@888GPAUHINSTANCE__@@U_COMMPROP@@`D
?OpticalSystem@888GPAUHINSTANCE__@@U_COMMPROP@@`D

Sections

.data
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ