06eb3af4f29aa8a80fbb168f6cfab79c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

06eb3af4f29aa8a80fbb168f6cfab79c_JaffaCakes118
Size

122KB
MD5

06eb3af4f29aa8a80fbb168f6cfab79c
SHA1

e0e342bc12bc2256e0fd2f37dd0e4d6503127d2c
SHA256

62b8acc9486e61e32d0459dd308b4b95af96741e220b80dd8e87d99f45525188
SHA512

e2523d1ad6b4dbd1a9299f512bb3621b8e897140333b6470ad3849f0098b351ec614d7e8516c607443e5d8f5b2e55a1bfd6b34a6fda13589cb0ebab5e4dd6be9
SSDEEP

3072:lhCHuGz7BDrs1neMyM0y3LZfo3FYlwvfCD/4rhzeTV:lhsu8B8neBv6LZAecfCDQNa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06eb3af4f29aa8a80fbb168f6cfab79c_JaffaCakes118

Files

06eb3af4f29aa8a80fbb168f6cfab79c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8fb1207484cc24538f4c8ca1e200860e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetModuleHandleA
FreeEnvironmentStringsW
CloseHandle
GetLastError
GetThreadLocale
FreeEnvironmentStringsA
GetProcAddress
VirtualAlloc
LoadLibraryA
GetEnvironmentStrings

user32

GetMessageA
TranslateMessage
DispatchMessageA

oleaut32

VarRound

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ