cf0a1c2b3b5e07cee6ea38ccef558c28_JaffaCakes118 | Triage

Sharing

General

Target

cf0a1c2b3b5e07cee6ea38ccef558c28_JaffaCakes118
Size

2KB
MD5

cf0a1c2b3b5e07cee6ea38ccef558c28
SHA1

0657dbe5763b18407d4534030e1b2ea544c7869f
SHA256

4ef7cc1dfdb2e1723e9b507f540428c0b8b072c09d10e6ea7402a1ef46caf3a2
SHA512

4dd9a97fd4b55af08c01c3a4a6a6559468ae898e9854004c0aead3081d75333c5703cc5c2194538034a2562867f441e1c4d3fee08668fe505d4c922cbec70d52

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf0a1c2b3b5e07cee6ea38ccef558c28_JaffaCakes118

Files

cf0a1c2b3b5e07cee6ea38ccef558c28_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d4db41cf35a9ded078ae059a9fc2b9f3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
Process32Next
lstrcmpiA
Process32First
CreateToolhelp32Snapshot
ExitProcess
CreateProcessA
WaitForMultipleObjects
OpenProcess
CreateEventA

user32

wsprintfA

Sections

.text
Size: 512B - Virtual size: 498B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 422B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ