c0a4ecc4cbab1becd921121430b2f354_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c0a4ecc4cbab1becd921121430b2f354_JaffaCakes118
Size

6KB
MD5

c0a4ecc4cbab1becd921121430b2f354
SHA1

1b46b596fa5c569bf7548f4d1d74049e7a6f89d8
SHA256

22810b4724386533c5dc704e01cb17b35ce3807258ebdc5cec141d487bfbdde3
SHA512

1cb97dd99a41fe8f9f35a14376331214d77c98d7f363f3c6e74b866c68bc71aad14783cdbea0d424b58e27a8aeda5fa2a028e4a95304d14a584b7acf9bd1480c
SSDEEP

96:VBMn4+ZQjc/LEMPDp/pFX+p++8nPHDm5tDUiMz5GAeO01:VBr+U2I4N/pFXe+DHDsZE5GAeO01

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c0a4ecc4cbab1becd921121430b2f354_JaffaCakes118

Files

c0a4ecc4cbab1becd921121430b2f354_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f228153db4539716b66464ca4a002b07

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BuildCommDCBW
CreateNamedPipeW
GetFileAttributesExW
GetModuleFileNameA
BuildCommDCBAndTimeoutsA
GetWindowsDirectoryW
FindResourceA
GetConsoleAliasesW
GetLongPathNameA
GetProfileStringA
CreateMailslotW
GetCommandLineW

user32

CallMsgFilterW
LoadImageA
ModifyMenuW
MapVirtualKeyA
DefMDIChildProcW
SetWindowsHookA

gdi32

PolyTextOutA
TextOutA
TextOutA
CreateMetaFileA
GetCharABCWidthsA
GetICMProfileA
GetCharacterPlacementA

Sections

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1024B - Virtual size: 862B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.��
Size: 1024B - Virtual size: 796B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ