062e4cfdb2945602b2384a3502886b10_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

062e4cfdb2945602b2384a3502886b10_JaffaCakes118
Size

128KB
MD5

062e4cfdb2945602b2384a3502886b10
SHA1

dc3d40fc18d8fb309064b184b780557a5d9d9c45
SHA256

0e2158461cb7d84b69bbd9529c72a8d98bd158140a55e9549a5537e54d3dff6c
SHA512

c74942710b52409bf562c4d400e1fefc95b53931d3a9e2ede67cd9d4f306f0f203071ddb99d541df5feddf35e5da7f7b7d7cf34c4db1a077d7119a6b343417ec
SSDEEP

3072:xpin237SkFMUfh2IVKhK1g9ETbHFoax/CjhS18ZCJ:xpJFqUfI/ha5Tbxx6jhS18ZC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
062e4cfdb2945602b2384a3502886b10_JaffaCakes118

Files

062e4cfdb2945602b2384a3502886b10_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1c75073784981cee49d39c46ed7aafdb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetCommandLineA
GetProcAddress
VirtualAllocEx
GetModuleHandleW
GetOEMCP
LoadLibraryExA
lstrlenA
ExitProcess
GetModuleHandleA
IsBadReadPtr
GetACP
IsBadHugeReadPtr
GetCommandLineW

Sections

CODE
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ