Static task: static1
Behavioral task: behavioral1 (Sample: m_off.exe, Resource: win7-20240704-en)
Behavioral task: behavioral2 (Sample: m_off.exe, Resource: win10v2004-20240802-en)
General
Target: b0f2d726ec9f27de376174397b673c0d_JaffaCakes118
Size: 4KB
MD5: b0f2d726ec9f27de376174397b673c0d
SHA1: a41df9878e17187d5a7736dbda2baaaedc35ea91
SHA256: f7e09d5a4186b06a44086ac99a5c783c85dd9f4b2ee08df1b064df223a5d526a
SHA512: 312317a7dce6dcd4a41860808ce72baaeaf193901d89cb7d4e6ffe7ce472864cd44b234dd2c615efcace7a288efea5bc008162b2db36dc13cdce82e4572f2035
SSDEEP: 96:ofwcY1j8RbCD5CxsutyAZwcVtHxJEpK6tAh/LmfVmvds1w/ypO59a:orVq5ysurHziKTQmvd8ma
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/m_off.exe
Files
b0f2d726ec9f27de376174397b673c0d_JaffaCakes118.zip
m_off.exe.exe windows:1 windows x86 arch:x86
c1e0329db583e8d62f98a43cd3e905e7
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCommandLineA
GetModuleHandleA
RtlUnwind
Sleep
user32
MessageBoxA
SendMessageA
crtdll
_iob
_itoa
__GetMainArgs
abort
exit
fwrite
raise
signal
strcat
strchr
Sections
.text Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 32B
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 88B - Virtual size: 88B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
.data Size: 268B - Virtual size: 268B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 636B - Virtual size: 636B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE