06c5490430c09643bcfdefdd0d4c1a32_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

06c5490430c09643bcfdefdd0d4c1a32_JaffaCakes118
Size

93KB
MD5

06c5490430c09643bcfdefdd0d4c1a32
SHA1

eae791ae16bdbf7cba916308c9dde467d2c79c2f
SHA256

210d26293e8229cf923499cc2b8c1a249a82c56df82437de78db32e475315401
SHA512

8231ddecc303cf60dc5e2ea5620917a68e656d3fa393fa8c8057ab7b9b9d73b2ad3f0f43e76b935c0a21aa5920a70249d626da862cf8b9f64d91d34e979266ea
SSDEEP

768:ZTpOOOQnTxR4oSZdoRnnLiVjUJtOMIPnPsigOREbGnFkHjbGyrIMWG5ErjS:ZTpOOOu4pZidLYjUJXLiOmF2jbxWGq6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06c5490430c09643bcfdefdd0d4c1a32_JaffaCakes118

Files

06c5490430c09643bcfdefdd0d4c1a32_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f78966ea57e383e52db604760a7650ff

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
VirtualAlloc

user32

GetSystemMetrics
LoadIconA
LoadCursorW

msvcrt

memcpy

Sections

.text
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

ata4
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

ata3
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

ata2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ