b453518e08ed11846118a4274b1afebf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b453518e08ed11846118a4274b1afebf_JaffaCakes118
Size

726KB
MD5

b453518e08ed11846118a4274b1afebf
SHA1

65b2211595fc2fd342519bfa48d61f01dcd9aad6
SHA256

c1b38bd953d460f54ce6e0f7632d243abee626f00b759a95cc939703e255cfcd
SHA512

804447b21bfdc23cec42c431f9bbaeb46008f2359da6e6e7f44ff13d01cf7626583aa9e606eaf7627689cff693e78ee87582c995105daeff8e1fc2b85bc2f09f
SSDEEP

12288:J0IrT6MFOVO6p+2C44IGh5zz8GCI6/Mgmfm9rTvapZA396ElDRjzeNuIrAr1:6IreMFOVO6+j447FIUsXKc0ElDRjzeoZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b453518e08ed11846118a4274b1afebf_JaffaCakes118

Files

b453518e08ed11846118a4274b1afebf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d9e14945c3974fd1f488b128cb6adb49

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
VirtualProtect
LoadLibraryA
ExitProcess
GetLastError
OpenThread
GetThreadContext

user32

PeekMessageA
SendMessageA

Exports

Exports

Rlnutwh
CloseOpuuywqsed

Sections

.text
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.DATA
Size: 3KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 705KB - Virtual size: 708KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.enill
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ