b0eebaa982d982a2dec8cabe931b311d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b0eebaa982d982a2dec8cabe931b311d_JaffaCakes118
Size

77KB
MD5

b0eebaa982d982a2dec8cabe931b311d
SHA1

c1d174d7ab1845db2d72b30f9948d574252c80b7
SHA256

a70acf1d9743d9a82dd48f3b1ab5504e672ce2ac496ce7f574d86749b4f24c9a
SHA512

1237ecfced124db36f7e571be8a606a94a781aeaf74b0962c33ab4fb5b586dec794dfc352289242f417a158b61f7b4dad2ebb68b15457765dda942b959a109c9
SSDEEP

1536:zJaTP0XtS+T87R7Eswqty5EVWZz8VItXBOhnPzJuMvVNpcazjpQIo1US6S:zwTP0XtZTQR7E3qtQv8Va4PDdBox6S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b0eebaa982d982a2dec8cabe931b311d_JaffaCakes118

Files

b0eebaa982d982a2dec8cabe931b311d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

93c6c73136d3be79741b2f03534dc28f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
ExitProcess
SetPriorityClass
VirtualProtectEx
SetLastError
GetStartupInfoA
GetModuleFileNameA

user32

BeginPaint
GetUserObjectInformationA

Exports

Exports

EndIpdtqkuxorc
InitOpohomt

Sections

.text
Size: 6KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rcode
Size: 544B - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata1
Size: 67KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ