00a06048840bd12062de3388e55f94a1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

00a06048840bd12062de3388e55f94a1_JaffaCakes118
Size

52KB
MD5

00a06048840bd12062de3388e55f94a1
SHA1

4fb3729a46af3caa7e84ddeb2e9d86135f399bab
SHA256

edc7f824f05e08b2ebc32cc7ab2e1df36181d81fbc0ed1c08b69518b3467215a
SHA512

06796f4f38926a57e63fc62948d89aab2d4db0c5f50db8196af9db275e1d5d81e12ac786dccf4823e31b4447fd0910429efd5371541d5847fb133b0954cff7d4
SSDEEP

768:g8SthU5L6f0bqZvg5XmsNXUx3tbIThfX1I:gLoL6f0bl5XrUltsTJX1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00a06048840bd12062de3388e55f94a1_JaffaCakes118

Files

00a06048840bd12062de3388e55f94a1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

df250fdfe4036c495e789f5efe4d41d8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
SetErrorMode
GetWindowsDirectoryA
SetCurrentDirectoryA
VirtualProtect
ExitProcess

user32

SetForegroundWindow
GetClassInfoExW

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.secdata
Size: 8KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsec
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ