Static task
static1
Behavioral task
behavioral1
Sample
e0aab02d148e304dcb3c0d05b9114eb9_JaffaCakes118.exe
Resource
win7-20240903-en
General
-
Target
e0aab02d148e304dcb3c0d05b9114eb9_JaffaCakes118
-
Size
1.0MB
-
MD5
e0aab02d148e304dcb3c0d05b9114eb9
-
SHA1
ea645b43caffaecbcba9356fa85707c7d4541dcf
-
SHA256
0be691c6ca785aeb6c18b7544a160d78cd7e85f9c30b2e62d54ec39b83b9bff1
-
SHA512
36f6b80c53bcad2ca979e3ea2c11189bd5ee09122f20ae477600bafa3cacb8674189f4cc9329e27fbdf5ffe141cdb359f3f89a59b6aa5dc2b3e93dc35882c71c
-
SSDEEP
24576:bjhqSDKGWMEdM1+9wrxNO98NVxOVEC4OYpRnvC8p1MzdY:/ZkdMQyrxNO98XxO943pRnvfv
Malware Config
Signatures
-
Unsigned PE 1 IoCs
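Flags a PE file that carries no Authenticode signature. Many legitimate binaries are also unsigned, so this is a weak indicator on its own and should be weighed with the other findings.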
resource e0aab02d148e304dcb3c0d05b9114eb9_JaffaCakes118
Files
-
e0aab02d148e304dcb3c0d05b9114eb9_JaffaCakes118.exe windows:5 windows x86 arch:x86
e54bd6d7e1f8cc11634350917c4eef06
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCommandLineA
Sections
jgcyvqqa Size: 257KB - Virtual size: 588KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 13KB - Virtual size: 33KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
gsbnwwcu Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
hmpijgfi Size: 763KB - Virtual size: 1.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
hoxixfje Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE