bb53ceca189cade8d6fea8ee0d26f994_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bb53ceca189cade8d6fea8ee0d26f994_JaffaCakes118
Size

116KB
MD5

bb53ceca189cade8d6fea8ee0d26f994
SHA1

496cba2e3a29dd25d3fdffbc70b24858ef6500de
SHA256

a3595038d68e98756fd7a1b9c8632dac3e65a3eff376c17d2223289acc2f6b20
SHA512

355c166cfca8f2c35311449a0df1f2f5be53e3dd3a48d021f2a0954e2439b3e5cd92afeae9bf4538a971fd38f4f18c526896047ec957680695ca713c5a9561f7
SSDEEP

1536:FmAI8LACHDRlfovrFZqjMe8VlYNCgisoYp8Nzc3gbwsE7fM/P7T1+05e34k:FO8LACj/qzqjMeaNzcAwsErMld0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb53ceca189cade8d6fea8ee0d26f994_JaffaCakes118

Files

bb53ceca189cade8d6fea8ee0d26f994_JaffaCakes118
.exe windows:5 windows x86 arch:x86

db392e17ecd0fdfcc3a2a15501a42ffa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetACP
VirtualFree
GetCommandLineA
Sleep
ExitProcess

user32

GetDesktopWindow

Sections

.text
Size: 512B - Virtual size: 196B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Hhgmlfoi
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Wjgbwgrw
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Cgeq. Ha
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 257B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ